Aimbridge Corporate - IT Governance, Risk & Compliance Manager

Job Summary

Reporting to the Chief Information Security Officer (CISO), the Information Security Governance, Risk, and Compliance (GRC) Manager is A highly motivated, flexible, positive, collaborative, hands-on self-starter with strong attention to detail, exceptional organizational skills and the ability to multi-task and prioritize. Strong leadership presence, technical acumen and proven credentials, preferably in previous highly regulated industries but with the ability to tailor approach and requirements that are right sized to meet Aimbridge organizational objectives and operating model. They will be responsible for working with various IT department and business unit leaders to define, develop, implement and maintain appropriate IT General Controls (IT) and various security, privacy and compliance initiatives in support of both Aimbridge corporate and Aimbridge hotel property operations.

QUALIFICATIONS:

Education & Experience

• Bachelor's degree in related field or equivalent work experience
• Prior hospitality industry experience is a plus.
• 6+ years in an Information Security, Risk Management, Audit or Compliance related role, preferably in a highly regulated industry or with public audit, regulatory and compliance requirements.
• Prior successful, regular exposure and interactions to and with senior level business unit leaders.
• Strong understanding of information security concepts, security audit and risk management frameworks.
• Experience implementing and overseeing programs that are effectively right sized in terms of risk and controls.
• One or more of the following certifications is required: CISA, CISSP, CRISC, HITRUST CCSFP, CIPP or CIPM. Having a PMP or Six Sigma certification is a plus.
• Excellent judgment and decision-making skills.
• The ability to remain flexible when working under changing priorities
• Consistently meet deadlines without prompting
• A collaborative, team player that can build strong partnerships, motivate and manage others, and ensure assigned tasks and deliverables are being accomplished, reported and completed.
• A polished, professional, friendly, and approachable demeanor.
• Basic Program, Portfolio, & Project Management skill sets to ensure committed objectives are achieved.
• Strong written, verbal and presentation communication skills.
• Unquestionable integrity.
• Apply a pragmatic, risk-based lens when designing controls and processes.
• Be a self-starter and have initiative to track down and identify needs and opportunities for implementation of GRC controls.

JOB RESPONSIBILITIES:

Job Duties & Functions

• Build collaborative, respectful, trusting relationships with IT, business unit leaders, and teams to facilitate communication and meet business objectives.
• Remain current with retail, hospitality, travel, credit card, regulatory, and legal requirements relevant to technology, security, compliance, and privacy.
• Seek opportunities to drive automation and efficiencies across our programs while enhancing our overall risk management posture.
• Design, build, and operationalize risk management and compliance programs, policies, and processes to raise the overall security of Aimbridge Hospitality.
• Support internal and external processes to ensure compliance with programs such as SOC-1, SOC-2, Brand Security Standards, PCI, and privacy programs such as CCPA/CPRA, GDPR, PIPEDA, etc.
• Perform compliance assessments on new and existing systems, processes, and technology.
• Collaborate with operational and business unit teams to ensure IT are designed appropriately and are operating effectively.
• Conduct reviews to identify gaps and drive remediation requirements to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to leadership.
• Manage the IT Change Management Program and lead the weekly Change Advisory Board (CAB) meetings and processes.
• Provide support and oversight for the Aimbridge Identity Access Management (IAM) program.
• Manage and support the Information Security Awareness Training Program.
• Oversee Aimbridge GRC Tool and continue to grow its scope and use.

After an initial waiting period, those hired into full time positions are eligible for a competitive benefits package that includes the following:

• Now offering Daily Pay! Ask your Recruiter for more details
• Medical, Dental, and Vision Coverage
• Short-Term and Long-Term Disability Income
• Term Life and AD&D Insurance
• Paid Time Off
• Employee Assistance Program
• 401k Retirement Plan

PROPERTY INFORMATION:
Aimbridge Hospitality is a leading, global hospitality company with a growing hotel portfolio representing more than 1,500 properties in 50 states and 23 countries. As a top hospitality employer, we are a great place to unlock your future, providing unparalleled opportunities for you to reach places in your career you might have never imagined were possible - more opportunities to help create memorable experiences, ways to succeed, and great people to inspire you. Aimbridge Hospitality is based in Plano, TX, with additional corporate offices in Atlanta, Calgary, Fargo, Puerto Rico, San Clemente, and Washington D.C. Aimbridge EMEA has offices in Birmingham and Glasgow, UK, and Amsterdam, the Netherlands; Aimbridge LatAm has offices in Monterrey, Mexico.

Application deadline for Colorado positions: