We’ve signed up for an ambitious journey. Join us!

As Arrive, we guide customers and communities towards brighter futures and more livable cities, it isn’t a challenge just anyone could take on. Luckily, we have something to help us make it happen. Our people and our values. We Arrive Curious, Focused and Together. Just as our entire brand is inspired by the North Star, the shining light leading travelers to their destinations since time began, our values guide us. They help us be at our best. For our customers. For the cities and communities we serve. For ourselves. As a global team, we are transforming urban mobility. Let’s grow better together.

Elevate Our Security Posture: Join Us as an Information Security Officer

Are you passionate about safeguarding critical information assets? Do you thrive in a dynamic environment where you can make a real impact on security strategy? We're seeking a highly motivated and experienced Information Security Officer to join our collaborative team and play a key role in protecting our organization.

Your Mission:

As an Information Security Office at Arrive, you'll be a driving force in developing, implementing, and continuously improving our security program. You'll proactively identify and mitigate risks, ensure compliance with industry standards, and champion a strong security culture across the organization.

The role
This role sits at the heart of Arrive’s Information Security Management System (ISMS) and is critical to maintaining and maturing our alignment with ISO/IEC 27001, while enabling the business to move fast in a controlled and informed way.

You will act as a trusted advisor to technology, product, and business leaders ,balancing security, compliance, and commercial reality.

What you’ll do

Risk Management & Decision Support

• Own and continuously mature Arrive’s enterprise security risk management framework

• Lead risk identification, assessment, treatment, and acceptance across technology, product, and business domains

• Guide teams through consistent and meaningful risk assessments, ensuring risks are understood in business terms

• Prepare clear, decision-ready risk reporting for senior leadership and governance forums

• Track risk remediation and ensure accountability for risk owners

ISMS Leadership

• Own and operate the Information Security Management System (ISMS) aligned with ISO/IEC 27001

• Lead internal risk assessments, control effectiveness reviews, and continuous improvement activities

• Support internal and external audits, including management reviews and corrective actions

• Maintain and evolve security policies, standards, and procedures in partnership with Legal and key stakeholders

• Ensure alignment with relevant regulatory and contractual requirements (e.g. ISO 27001, GDPR, PCI DSS)

Business Partnership & Stakeholder Management

• Act as a security risk advisor to engineering, IT, product, legal, and business teams

• Translate security and compliance requirements into practical, scalable guidance

• Influence and  build strong relationships across functions and seniority levels

• Support leaders in embedding risk-based thinking into day-to-day decision-making

Frameworks & Continuous Improvement

• Apply and tailor industry frameworks and best practices (e.g. ISO 27001, NIST, CIS)

• Identify gaps, prioritise improvements, and drive pragmatic uplift initiatives

• Contribute to the long-term security and risk strategy for Arrive

What you bring

Experience & Expertise

• Strong, hands-on experience owning and running security risk management in a complex organisation

• Deep understanding of core GRC functions: risk management, compliance, audit, and policy governance

• Proven experience operating and maturing an ISO/IEC 27001-aligned ISMS

• Ability to assess technical, operational, and third-party risks without needing to be the deepest technical expert

Communication & Influence

• Excellent ability to communicate risk clearly to non-technical stakeholders and senior leaders

• Comfortable challenging assumptions and facilitating risk discussions at leadership level

• Strong stakeholder management skills in fast-moving, evolving environments

Mindset & Ways of Working

• Business-oriented and pragmatic — focused on enabling, not blocking

• Structured, analytical, and calm under pressure

• Comfortable operating in ambiguity and driving clarity

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent experience)

• 10–12+ years of experience in information security, risk management, or GRC roles

• Experience in a leadership or senior individual contributor role with enterprise-level responsibility

• Relevant certifications preferred (e.g. CRISC, CISSP, CISM, CISA), but not mandatory

Join our team and make a lasting impact on our security posture. Apply now!

About us

Arrive, including brands like EasyPark, Flowbird, RingGo, ParkMobile and Parkopedia, is a leading global mobility platform. Present in over 90 countries and 20,000 cities, the company helps people and decision-makers make smarter decisions about urban mobility and ease the experience of travel worldwide. Arrive delivers a unique combination of the core ingredients to make cities more livable: from smart payments and optimized car parks to data-driven traffic reduction and support for reinvestment in public transport and green space. It’s about more than function, it’s about saving time and simplifying the experience of travel for everyone. Travel is more than a journey, it’s how you Arrive.