AddressCompany Description
At Auberge, we are passionate about our mission to be the best-loved operator of one-of-a-kind luxury properties and experiences. We are storytellers and story-makers, delivering simple pleasures and creating unforgettable memories. Born in Napa and inspired by the most relaxing places in the world, we prize simplicity, comfort, and beauty. Whatever role we play in Auberge, and wherever we work, we all live by the view that our core purpose is to enrich people’s lives. If you feel that our approach is aligned with your own passions and beliefs, then please share with us why you want to become part of our collection.
Job Description
As Director, Cybersecurity you will play an important role in the continued expansion of Auberge Resorts Collection. Working closely with Home Office and property-based teams, you’ll oversee the program which secures information systems across the organization and our commitment to data privacy. You will navigate complex data protection regulations such as GDPR and CPRA, ensuring compliance while maintaining robust cybersecurity defenses. This role requires you to couple your strong business acumen with ‘hands-on’ technical skills.
This position can be based out of our Home Office in Mill Valley, CA or Bethesda, MD. This role is not remote eligible.
- Own the planning, delivery and execution of cyber security operations and intelligence solutions for the company
- Manage security protocols for premise-based, cloud and mobile computing environments
- Manage endpoint security and vulnerability management programs for the organization
- Manage the design, implement and maintain robust network security protocols. Oversee the company’s network architecture, including cloud networks and on-premise infrastructure, ensuring optimal performance and security.
- Work with security partners to proactively monitor server & network infrastructure to meet compliance requirements
- Provide SecOps leadership, guidance and training to a distributed team of IT professionals
- Serve as the subject matter expert in security monitoring, incident response, and incident management
- Work collaboratively with different departments to integrate security practices into their workflows.
- Maintain knowledge of latest cyber-attack strategies and defensive measures
- Act as incident commander for high priority incidents
- Oversee the collection of evidence and chain of custody for all intelligence collected during security investigations
- Analyze, recommend, and implement monitoring and compliance controls/processes based on external and internal information security risk and vulnerability assessments
- Maintain processes for managing escalations and notifications to key stakeholders during security incidents
- Enhance the cyber capabilities of the business through increased automation
- Perform vulnerability testing, risk analyses, and security assessments
- Maintain comprehensive data privacy policies and procedures in accordance with international and local regulations such as GDPR and CPRA.
- Manage audits and assessments to identify and mitigate risks associated with data privacy and security.
- Lead initiatives to foster a culture of data privacy within the organization.
Qualifications
- Bachelor’s Degree in Business Administration, Computer Science or related technology field
- 12+ years of experience in an enterprise IT environment
- 5+ years of progressively responsible security incident response and technical forensics investigation experience
- Ability to quickly evaluate ambiguous situations
- Keen attention to detail and strong problem-solving skills
- Excellent interpersonal communications skills
- Proven ability to convey technological concepts in non-technical, business-centric terms
- Demonstrated expert level skills in security incident monitoring and response practices
Desired Skills
- Incident handling forensics skills, including knowledge of common probing /attack methods, network/service discovery, system assessment, viruses, and other forms of malware
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
- Understanding of data privacy regulations such as GDPR, CPRA
- Familiarity with hospitality systems and processes
Additional Information
Auberge Resorts Collection is a portfolio of extraordinary hotels, resorts, residences, and private clubs. While each property is unique, all share a crafted approach to luxury and bring the soul of the locale to life through captivating design, exceptional cuisine and spas, and gracious yet unobtrusive service. With hotels and resorts across three continents, Auberge invites guests to create unforgettable stories in some of the world’s most desirable destinations. Please visit aubergeresorts.com to learn more about our Collection. Follow us on Instagram, TikTok, Linkedin, Facebook and Pinterest: @AubergeResorts and #AlwaysAuberge.
Auberge Resorts LLC is an Equal Opportunity Employer, M/F/D/V. Auberge Resorts LLC provides equal employment opportunities (EEO) to all team members and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Auberge Resorts LLC complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
