Director, Governance, Risk & Compliance

🕒 vor 11 Tagen

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Accommodations Plus International

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

Gegründet 1984

💰 Private Equity Round im 2018-08

Travel • Technology • Transportation

Accommodations Plus International ist ein Unternehmen, das sich darauf spezialisiert hat, effiziente Layover-Erlebnisse für Flugzeugbesatzungen durch integrierte Technologie und Dienstleistungen bereitzustellen. Sie betreiben ein globales Netzwerk und beziehen Unterkünfte von über 600. 000 Hotelpartnern weltweit und bieten 24/7 Kundensupport. Ihre firmeneigenen Lösungen sind auf die besonderen Bedürfnisse des Luft- und Bahnverkehrs zugeschnitten und gewährleisten reibungslose Abläufe bei der Hotelbuchung und Besatzungsverwaltung.

Beschreibung

• Lead organization-wide risk analysis, maintaining a risk register with documented remediation and mitigation plans. • Serve as the primary advisor on information security risks to security management and business unit leads. • Establish and own the strategy for managing security audits, compliance checks, and external assessments — including GDPR, SOC 2, ISO 27001, CCPA, and other applicable standards. • Liaise with internal and external auditors to implement and sustain required controls. • Build and manage a comprehensive vendor risk program, evaluating the cybersecurity and data protection controls of third parties, vendors, and business partners. • Drive ongoing security program improvement by amplifying areas of strength and developing actionable plans to address gaps. • Lead data governance and data protection programs, ensuring alignment with enterprise risk management principles and up-to-date documentation of systems and processes. • Facilitate IT compliance across identified controls, including IT general controls (ITGCs), application, cloud, and cybersecurity controls. • Document, communicate, and enforce security policies that balance risk with business operations. • Champion cybersecurity best practices across all business units to reduce the organization’s attack surface. • Oversee GRC-related incident response activities, tracking occurrences and resolutions with strict documentation and reporting protocols. • Manage the access review process to ensure appropriate access is consistently granted, maintained, and revoked.

🎯 Anforderungen

• 7–10+ years of experience in cybersecurity, spanning security analysis, compliance and regulatory affairs, risk management, or audit. • Demonstrated experience leading and managing GRC programs, including risk registers, remediation planning, and executive-level reporting. • Proven track record managing security audits and assessments for SOC 2, ISO 27001, GDPR, CCPA, and other standards; familiarity with PCI, HITRUST, and GLBA is a plus. • Hands-on experience with vendor and third-party risk management programs, including evaluation of cybersecurity and data protection controls. • Experience with incident response tracking, documentation, and reporting. • 2+ years of experience with AWS and/or Microsoft Azure cloud security configuration and management preferred.

🏖️ Vorteile

• Medical, Dental, and Vision insurance • Flexible Spending Accounts for childcare and healthcare • 401(k) with matching • Basic Life Insurance and voluntary options including short-term disability, hospital, accident, and pet discounts at select hotels