Director, Security Risk & Governance
GA, United States
IHG
Bringing True Hospitality to the world.
We want to welcome you to a world of bringing True Hospitality to everyone. When you join us at IHG®, you become part of our global family. A welcoming culture of warmth, honesty and a passion for providing True Hospitality.
We pride ourselves on letting your personality and passions shine, recognizing the individual contribution you make and supporting your ambition to learn and create your own career path. In making a difference to our guests and owners, colleagues and communities, every day is a chance to create great and unique experiences, in your own way.
With over 370,000 colleagues in nearly 100 countries sharing our values, there are countless opportunities at your fingertips.
We’re growing; grow with us.
Summary
Responsible for global Security Risk & Governance of Security/GenAI for IHG to help drive prioritization of initiatives, risk identification and treatment, risk management of vendors and establishing policy for IHG colleagues.
Key Accountabilities
- Align with IHG Enterprise Risk team to develop a Security Risk Program that allows for the identification, assessment and treatment of risk for corporate and hotel environments.
- Collaborate with corporate and regional BISOs to develop corporate, CRO and regional risk profiles, identifying key risks.
- Develop and maintain a risk register to track and report on risk assessment results.
- Identify a risk quantification methodology and provide quarterly reporting to the EC and board.
- Communicate risks to executives that exceed acceptable thresholds, capturing risk treatment decisions.
- Present risk data to security and business executives prior to budget planning processes, to help prioritize initiatives that reduce the most risk.
- Partner with BISOs to drive risk profile and business process risk assessments.
- Update and report on Security & AI Key Risk Indicators including initiatives to address any gaps.
- Drive HVA Assessments and gap reporting.
- Implement and maintain risk quantification tool including monthly reporting and gap identification.
- Manage Third Party Security Risk program including assessments, incident response and comms.
- Analyze new and changing regulations to determine their impact on current policies, processes, controls, and way of working.
- Establish and manage programs to execute against identified gaps due to new/changing standards/regulations.
- Direct global Cyber Security & GenAI policy program for IHG; updating policies annually to reflect regulatory changes. Lead policy review sessions with the Policy Steering Committee/Working Groups to further inform policy.
- Define roles for key stakeholders within IHG Security & GenAI Policies to drive accountability for control implementation; develop role-based training/awareness to educate stakeholders on their roles.
- Drive Policy Exception Review program by coordinating efforts across IHG business/technical operations and Business Information Security Officers & GenAI working group, so that risk is clearly articulated and reported to CISO.
- Drive IHG Security Policy/Standards governance processes ensuring policy/standard alignment.
- Manage and report on policies, standards and exceptions using ServiceNow GRC; define and report on Policy Key Risk Indicators and Key Performance Indicators, providing an executive summary to leadership monthly.
- Partner with business/technical stakeholders and program-manage new initiatives to help ensure that complex regulatory gaps are addressed within an acceptable timeline.
Key Skills & Experiences
Education
Bachelor’s degree with work experience in Computer Science/MIS/IT, Business Administration or related field OR an equivalent combination of education and work-related experience
Experience
10+ years progressive work-related experience in program/project management, business implementation, strategic project leadership, consulting, or project governance. Experience managing small to mid-sized teams. Advanced experience in managing complex initiatives. Demonstrated proficiency in multiple disciplines, including but not limited to process/program redesign, organizational change management, training program development, and project / program management.
Technical Skills and Knowledge
• Knowledge of security-related standards/regulations including Payment Card Industry (PCI)
• Experience implementing programs, policy, standard and/or compliance programs.
• Effective verbal and written communication skills with the ability to take complex information and present to all levels of management, staff, clients and vendors.
• Understanding of diverse company policies, products, markets, processes, platforms, hotel operations and technology applications as well as a strong understanding of business principles and practices.
• Demonstrated experience in supporting corporate strategies through the development of cross-functional solutions from a commercial and financial viewpoint.
• PMP and security certifications (CISA, CISM, CISSP) strongly preferred.
We’ll reward all your hard work with a great salary and benefits – including great room discounts and superb training.
Join us and you’ll become part of the global IHG family – and like all families, all our individual team members share some winning characteristics. As a team, we work better together – we trust and support each other, we do the right thing, and we welcome different perspectives. You need to show us that you care and that you notice the little things that make a difference to guests, as well as always looking for ways to improve.
At IHG Hotels & Resorts, we are proud to be an equal opportunity employer. IHG Hotels & Resorts provides equal employment opportunities to applicants and employees without regard to an individual’s race, color, ethnicity, national origin, religion, sex, sexual orientation, gender identity or expression, age, disability, marital or familial status, veteran status or any other characteristic protected by law.
IHG is committed to promoting a culture of inclusion where everyone feels safe, respected and valued. We seek talent from all backgrounds to join our teams and encourage our colleagues to bring their authentic and best selves to work.
Not Applicable for Colorado Applicants.
#Hybrid
Tags: CISA CISM CISO CISSP Compliance Computer Science Generative AI Governance Incident response Risk assessment Risk management
Perks/benefits: Career development