Role Purpose
This role is responsible for streamlining IT and Information Security Controls and requirements across regulatory compliance frameworks (e.g., SOX, SOC1, PCI, SWIFT, NIST) in order to minimize internal stakeholder impacts. This role will drive the Controls and Compliance program forward through liaising with IT, Information Security and business stakeholders as well as internal and external assessors. Additional responsibilities include identifying relevant IT risks and Controls and educating stakeholders on IT control evidence requirements and remediation options.
Key Accountabilities
- Serve as trusted controls advisor to IT, Security and business stakeholders on IT and Security risks and controls.
- Identify process efficiencies and work with control owner leadership to drive IT security control automation.
- Identify opportunities to leverage control evidence collection across multiple regulatory and Compliance assessments and frameworks (e.g., SOX, PCI, SWIFT, NIST).
- Educate control owners on control requirements and required evidence.
- Execute and support internal and external security compliance assessments to evaluate IHG’s existing Security Controls against regulatory requirements, security policies and best practices.
- Communicate security findings to business/technology leadership and provide guidance on remediation options.
- Provide regular communications and metrics to Commercial and Technology technical and business leadership to drive action where Compliance gaps have been identified.
- Support the development and maintenance of annual Compliance roadmaps and communicate to key stakeholders to ensure resource commitments are anticipated.
Key Skills & Experiences
Education
- Bachelor's or Master's Degree in a relevant field of work or an equivalent combination of education and work-related experience.
- Certifications such as CISA, CISM, CISSP or PCI ISA preferred.
Experience
- 5+ years progressive work-related experience in information security, public accounting or internal audit, with a focus on IT controls audits and assessments and/or controls readiness assessments. Excellent knowledge of technology infrastructure environments. Detail-oriented; exceptional oral and written communication skills.
Technical Skills and Knowledge
- Advanced knowledge of IT control frameworks (SOX, NIST, SOC I, GDPR, ISO, COBIT)
- Working knowledge of GRC platforms, such as ServiceNow
- Hands-on experience working with internal/external auditors driving security compliance assessments (such as SOX, PCI ROC, SWIFT)
- Experience managing projects/assessments, ensuring projects are delivered on time/budget.
- Demonstrated experience building process and training documentation for stakeholders.
- Knowledge of security processes and controls such as vulnerability management, operating system Security Controls (e.g., Windows/Linux), firewalls, IDS/IPS, anti-malware, IP and network protocols.
Owns
- External Compliance Audits Coordination
- Security Compliance Assessment Process
- Security Findings Management Process
- Regulatory Transformation Projects
We’ll reward all your hard work with a great salary and benefits – including great room discount and superb training.
Join us and you’ll become part of the global IHG family – and like all families, all our individual team members share some winning characteristics. As a team, we work better together – we trust and support each other, we do the right thing, and we welcome different perspectives. You need to show us you care, that you notice the little things that make a difference to guests, as well as always looking for ways to improve.
At IHG Hotels & Resorts, we are proud to be an equal opportunity employer. IHG Hotels & Resorts provides equal employment opportunities to applicants and employees without regard to an individual’s race, color, ethnicity, national origin, religion, sex, sexual orientation, gender identity or expression, age, disability, marital or familial status, veteran status or any other characteristic protected by law.
IHG is committed to promoting a culture of inclusion where everyone feels safe, respected, and valued. We seek talent from all backgrounds to join our teams and encourage our colleagues to bring their authentic and best selves to work.
Not Applicable for Colorado Applicants.