AWS Compliance Expert (M/F/X)

Company Description

Leading the hospitality revolution, Accor is more than a hotel group. With luxury to economy, homestays to resorts, we are a holistic ecosystem of 40 brands in 110 countries, Talent and Solutions, ready to engage with the future’s endless possibilities.

Accor has an offer to bring new life to the way you live, work, play and do business with a personalized guest experience. 

Your future team: ACCOR Tech 

Our global #OneTechTeam works to simplify and accelerate technology for Accor’s hospitality businesses. We are accelerating our Move to Cloud strategy to support our fast-changing environment and execute on our overall strategy.    

Accor Tech team members are responsible for the infrastructure, the stability and security of complex local and global tech systems operations of over 5,000 hotels. Our challenge is the definition, planning and execution of our strategy that future-proof our business and ensure we remain competitive. 

Job Description

The cloud compliance expert is a key profile to work on our “move to cloud” planning and make sure the target architecture takes in consideration all the requirements for PCI DSS compliance and security of personal data. The profile will work with all transversal teams in a compliance perimeter to define the correct architecture and coordinate actions within Accor teams in terms of evidences, process, documents…

Context of the mission:

Part of the PCI compliance team in charge of the program governance for ACCOR, pushing actions to the appropriate project teams in the perimeter.

To coordinate actions an instance called “PCI Office” has been created. It is designed to help the PCI officer in his tasks using local PCI Champions identified in the different departments.

In addition to the constant relation with Accor delivery managers and technical leaders the role is also to work for a clear definition of the service providers responsibilities filling the responsibility matrix document. This matrix will clearly identify who is responsible for each evidence described in the standard.

When new projects will be setup one of the main objectives will be to anticipate the PCI requirements, and make sure that the operational teams will clearly understand the requirements to apply in the project.

Your mission:

• Report to the Chief Compliance Officer
• Keep the knowledge of the PCI Standards and prepare operational changes
• Work closely with operational teams to help identifying actions needed to satisfy the requirements
• Follow and validate evidences
• Work with the new business when needed to support their compliance

Qualifications

BackGround:

• Project management
• PCI Internal or Qualified Security Assessor certification
• Experience of PCI audits
• Teams coordination

Technical skills

• AWS Cloud components
• Network segments
• Vulnerability management solutions (Qualys or equivalent)
• CVE monitoring
• SIEM plaforms (Splunk or equivalent)