Manager, Information Security GRC
San Jose
About the Business:
The Hospitality CISO Office consists of three teams of security experts:
SEC-HOS-GRC (Governance, Risk and Compliance)
SEC-HOS-SOA (Security Operations and Architecture)
SEC-HOS-PGM (Program Management)
Together we…
Build a solid security organization for the new Amadeus Hospitality Business Unit with a unified security posture.
Maintain compliance with applicable legislation, regulations, and market-dominant security standards, including the implementation of new requirements.
Continue education programs for Amadeus Hospitality personnel so they understand their role in protecting information assets and the consequences for failing to do so.
Make our organization and products sufficiently resilient against intentional and unintentional bad behaviors, attacks, data breaches and fraud.
Summary of the role:
The Manager, Information Security Governance, Risk & Compliance is a staff member of the Hospitality Information Security GRC team (SEC-HOS-GRC).
He or she reports to the Director of the Hospitality Information Security GRC and manages the Information Security, Governance, Risk & Compliance and Data Privacy topics within the Hospitality Business Unit.
In this role you’ll:
Manage a selection of compliance programs, ensuring alignment with industry standards and regulations such as SOC 1-2, PCI DSS, ISO 27001/ISO 27701, GDPR, NIS2, CCPA/CPRA, etc., in line with business needs and a risk-based approach for the Hospitality product line and Business Unit.
Manage/coordinate compliance audits, assessments, and certifications, coordinating with external auditors as needed.
Ensure alignment with Amadeus Hospitality Missions & Objectives, the HOS CISO vision, and the guidance provided by Amadeus central.
Conduct risk assessments and identify potential threats and vulnerabilities to our systems, data, and processes.
Collaborate with internal stakeholders to develop risk mitigation strategies and action plans.
Establish and maintain the information security governance framework for Hospitality, incorporating risk management and compliance requirements.
Ensure that the implementation guidelines, policies and procedures derived from the Governance Framework are communicated, understood and applied appropriately within the Amadeus Hospitality Business Unit.
Provide support to the HOS-CISO and the Director of the HOS GRC (Governance, Risk and Compliance) team with respect to the interface with Legal, Security and Data Privacy Authorities.
Education:
Bachelor's degree or higher and/or equivalent work experience.
CISA, CISM or similar industry certification(s) are preferred.
ISO27001 Lead Implementer certification preferred.
About the ideal candidate:
3+ years’ experience working within an IT organization with practical experience in compliance coordination, implementing IT risk frameworks, controls, and methodologies.
Exposure to international and multi-cultural contexts
Prior experience working closely with auditors and/or external regulators.
Must possess excellent organizational skills, proficient communication skills, effective problem-solving skills, strong people skills, a sound understanding of regulatory guidelines and security policies, willingness to learn and self-motivation.
Must be creative, a team player, passionate and enthusiastic about the role.
Ability to travel
What we can offer you:
Get rewarded with competitive remuneration, individual and company annual bonus, vacation and holiday paid time off, health insurances and other competitive benefits.
Work from anywhere: onsite, hybrid or fully remote.
Professional development to broaden your knowledge and enhance your skills with on-line learning hubs packed with technical and soft skills training that allow you to develop and grow.
Enter a diverse and inclusive workplace, join one of the world’s top travel technology companies and take on a role that impacts millions of travelers around the globe.
Application process:
The application process takes no longer than 10 minutes!
Create your candidate profile, upload your Resume/CV and apply today!
Diversity & Inclusion
We are an Equal Opportunity Employer and seek to hire the best candidate regardless of age, beliefs, disability, ethnicity, gender or sexual orientation.