Manager, Security Compliance
Job Number R183714
Hotel Brand: IHG Corporate
Americas - United States - Georgia - Atlanta
Description
About us
Bringing True Hospitality to the world.
We want to welcome you to a world of bringing True Hospitality to everyone. When you join us at IHG, you become part of our global family. A welcoming culture of warmth, honesty and a passion for providing True Hospitality.
We pride ourselves on letting your personality and passions shine, recognizing the individual contribution you make and supporting your ambition to learn and create your own career path. In making a difference to our guests and owners, colleagues and communities, every day is a chance to create great and unique experiences, in your own way.
With over 370,000 colleagues in nearly 100 countries sharing our values, there are countless opportunities at your fingertips.
We're growing; grow with us.
Your day to day
This role is responsible for managing the daily activities of IHG's Information Security Compliance program. Coordinate Security Compliance activities, including IT audit management, PCI-DSS and other security-related regulatory requirements for IHG corporate and corporate managed hotels (CMH). Represent the information security department with internal and external constituents, including auditors, executives, and project teams. Provide recommendations to correct or mitigate IT systems control and compliance weaknesses. Promote compliance with regulatory requirements and IT best practices, especially with respect to project management, systems development and information security.
Liaise with stakeholders across Information Security, Global Internal Audit, Global Technology, Global Hotel Operations and the business to collaborate and execute Security Compliance activities.
Provide monthly communications and metrics to GT and regional VPs to drive action where Compliance gaps have been identified.
Develop annual Compliance roadmaps including major assessment milestones and communicate to key stakeholders to ensure resource commitments are anticipated.
Coordinate IHG's corporate Security Compliance activities, including PCI-DSS, SWIFT and other security-related regulatory requirements. Provide regular reports to stakeholders to drive action and remediation in addressing gaps.
Drive the PCI-SAQ compliance program for IHG Corporate Managed Hotels; facilitate collection of annual CMH assessments and provide gap reporting to Regional VPs.
Drive Compliance capability enhancements/improvements on the GRC tool to streamline processes and efficiencies. Work with the policy and risk teams to align processes when possible.
Align security controls with the Unified Compliance Framework, IHG policies and standards. Automate control assessments leveraging the GRC tool.
Provide technical advisory services to business and technology teams concerning Security Compliance, controls and measurement. Identify areas for improvement and assist in the development of solutions.
Manage external vendors/teams conducting security assessments. Proactively gather evidence from key stakeholders prior to external assessments and automate attestations when possible.
Work closely with all IHG corporate and regional resources on the assessment of corporate technology to fully secure information, computer, network, and processing systems.
What we need from you
Education
Bachelor's Degree (Computer Information Systems preferred) or equivalent years of work experience.
Experience
5+ years progressive work-related experience in information security with a focus on Security Compliance.
Experience aligning compliance controls with security policies and standards.
Experience developing functional and technical requirements for a GRC tool.
Detail oriented.
Exceptional oral and written communication skills.
Technical Skills and Knowledge
Effective verbal and written communication skills with the ability to take complex information and present to all levels of management, staff, clients and vendors.
Hands-on experience working with internal/external auditors driving Security Compliance assessments (such as a PCI ROC).
Experience managing projects/assessments, ensuring projects are delivered on time/budget.
Demonstrated experience automating compliance activities utilizing a security governance, risk and compliance (GRC) solution such as ServiceNow (including building functional/technical requirements and reports).
Demonstrated experience building process and training documentation for GRC stakeholders.
Familiarity with compliance regulatory requirements for PCI, SOC, SOX, SWIFT.
Certifications such as CISA, CISM, CISSP preferred, but not required.
What we offer
We'll reward all your hard work with a great salary and benefits, including a great room discount and superb training.
Join us and you'll become part of the global IHG family and, like all families, all our individual team members share some winning characteristics. As a team, we work better together: we trust and support each other, we do the right thing and we welcome different perspectives. You need to show us you care, that you notice the little things that make a difference to guests as well as always looking for ways to improve.
IHG is an equal opportunity employer: Minorities / Females / Disabled / Veterans