Manager, Information Security Risk in Miami, FL at Royal Caribbean Cruises Ltd.

Date Posted: 6/1/2019

Job Snapshot

Job Description

 

Manager, Information Security Risk
Position Summary:

  • Royal Caribbean Cruises, LTD. (RCCL) is seeking a Manager, Information Security Risk to be the information security risk thought leader and team manager responsible for leading, developing, managing, and communicating information security risk to a NIST CSF based governance structure. 
  • The successful candidate for this position will champion and develop a risk management methodology that informs management of IT risk across the globe. 
  • This position will requires superior communication, networking, leadership and risk management skills.  
  • RCCL is regulated globally so the manager should have great working knowledge of country specific privacy laws.

Essential Duties and Responsibilities:

  • Thought leader and creator of the information security risk program globally.  Facilitates business and IT leaders to risk/reward NIST based methodology.
  • Establish goals for the team of IT risk professionals that manage information security system and third-party risk program working alongside leaders to control information security risk for the organization.
  • Balances risk with reward of business process to ensure security while maintaining agility within IT lifecycles.
  • Creates, maintains, and reports metrics related to information security risk program.
  • Collaborates closely with the governance and compliance teams as well as business and IT stakeholders to ensure that corporate goals are met.
  • Manages policy exception program and writes policy and standards related to information security risk management.
  • Manages configuration and implementation of risk toolset.
  • Ensures budgetary and fiscal integrity for risk management team.
  • Trains others on risk management best practices with fitment to RCCL business and operational model.
  • Maintains risk management leading practices to inform program direction.
  • Reviews and opines on security contract language to align with information security policy.

Financial Responsibilities:

  • Ensures that information risk toolset aligns with department budget.
  • Manages senior level individual contributors, approves expenses, and manages employee compensation within corporate guidelines.

Qualifications:

  • Bachelors in Information Technology/Security, Computer Science is preferred, non-technical degrees with Computer Science fundamentals will be consider combined with technology experience.
  • At least one Information Security certification such as CISSP, CRISC, GIAC, etc. required.
  • Lean Six Sigma green belt or greater preferred.
  • 3-5 years of Information Security Risk experience.
  • 5 years of Information Technology experience.
    5 years’ experience in managing small teams and projects. 
  • Superior written and verbal communications required.

 

Job Requirements

Knowledge and Skills:

  • Expert with Microsoft Office suite of applications, ability to convert raw technology metrics into meaningful reports at an executive level.
  • IT engineering or security technical background preferred
  • Practiced at creating purposeful metrics, KRI¿s/KPI¿s that convey risk messages and identify areas for improvement that are actionable by executive teams.
  • Knowledge of information security frameworks such as NIST, ISO, FISMA, etc.
  • Knowledge of risk frameworks such as Octave, FAIR, ISACA RiskIT, ISO 27005, and /or NIST 800-30 or 800-37.
  • Knowledge of global privacy laws, regulations, and guidelines.
  • Ability to articulate risk to employees and third parties at all levels within and outside the organization.

Physical Demands:

  • Should be able to show up at office environment and work at least 8 hours a day for 5 days a week.


Work Environment:

  • Up to 10% travel internationally may be required.

 

Stay Connected!

If you’re interested in career opportunities, but not ready to apply, join our Talent Network to stay connected to us and receive updates on the latest job opportunities and company news.

Cruise