Manager of Security Compliance
TravelClick
Orlando, FL

Job Overview

TravelClick is seeking an experienced individual to fill a full-time Manager of Security Compliance position. This role will take the lead in maintaining our high standard of security compliance in a rapidly changing, fast-paced environment. As the Manager of Security Compliance, you will lead the Security Compliance team. You will work cross-functionally at all levels across the enterprise to ensure the security compliance strategy is implemented effectively and in a timely manner. You will work proactively with the teams to ensure we build and maintain our compliance commitments and follow best practices to deliver the peace of mind our customers depend on.

This role is both broad and deep, requiring technical and process knowledge. Security risk management and the ability to manage security initiatives through collaboration with project managers and technical leaders will be key focal points of this role. The Manager of Security Compliance will ensure information security policies and standards are rolled out through the enterprise while maturing and leading our compliance program. This position will report to the Amadeus Hospitality Chief Information Security Officer, with frequent interaction with the TravelClick CIO as well as other senior technical and business leaders.

Functional Description

Responsibilities

  • Manage and lead the Security Compliance team
  • Lead the successful completion of 3rd-party audits based on PCI-DSS
  • Manage relationships with external and internal auditor entities
  • Maintain current knowledge and understanding of PCI-DSS and GDPR
  • Implement and lead security and compliance projects and initiatives based on strategy and scope set by the Information Security Officer
  • Lead and mature the TravelClick compliance program
  • Manage security initiatives and tasks involving key vendors
  • Maintain awareness of the security posture of key vendors by conducting vendor security risk assessments and tracking and reporting on KPIs and metrics
  • Complete security-related items on RFPs and RFIs
  • Facilitate the rollout of security policies and standards
  • Track and complete customer security requests and inquiries within appropriate, and often aggressive, timeframes
  • Collaborate with Amadeus Legal Services to review customer and vendor contracts to ensure that information security requirements are met
  • Ability to learn and maintain knowledge of GDPR and associated data privacy law to ensure compliance in operations and products
  • Ability to learn and maintain knowledge of accessibility and disability law and regulations such as ADA
  • Provide meaningful input on security & privacy matters to leadership, including preparing effective presentations and communications regarding security matters
  • Liaise between process owners, stakeholders, internal and external auditors to coordinate audit scoping, evidence gathering, testing approach, results and deficiency remediation
  • Mature the compliance program for TravelClick to proactively address, monitor, and report on audit status and compliance gaps. Own the compliance roadmap, objectives, and work plan
  • Address customer inquiries on audit and compliance
  • Translate requirements for implementation and ongoing management
  • Coordinate the rollout of security risk management according to corporate policy and standards
  • Other duties as assigned

What we are looking for

Basic Qualifications

  • High School Diploma/GED required
  • A minimum of 1 year of experience in managing teams
  • Experience with PCI-DSS
  • Experience building and running a successful PCI program
  • 4 years information security experience
  • 4 years security risk management experience
Additional Characteristics

  • Bachelor's degree or higher from an accredited institution or relevant work experience
  • Experience with ISO27001 preferred
  • Information Security: CISSP, CISM certification preferred
  • Compliance: CISA, PCI ISA, PCI Professional or similar certification preferred
  • Excellent written and verbal communication skills, including group leadership and executive presentations
  • Ability to establish positive relationships quickly; work effectively cross-functionally
  • Ability to influence into action others who do not directly report to you
  • Outstanding organizational skills and ability to prioritize
  • Work well under pressure by effectively managing multiple priorities and initiatives in a fast-paced environment
  • Strong integrity and ethical behavior
  • Experience in the technology, hospitality and/or travel industry preferred but not required

EEO Statement

“All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.”

Note to Applicants

IMPORTANT: We contact all applicants via email throughout the hiring process. It is recommended that you add iCIMS (@agents.icims.com) to your Approved/Safe Sender list to ensure that our emails are properly delivered to your inbox and not marked as spam.