Omni Hotels Dallas, TX, USA
Feb 02, 2018
Overview Omni Hotels and Resorts creates genuine, authentic guest experiences at 60 distinctive luxury hotels and resorts in leading business gateways and leisure destinations across North America. Omni Hotels is known for its exemplary culture, authenticity to the markets in which we operate, innovation and exceptional service. Our commitment to career development has created tenure and loyalty that enables us to perpetuate our family atmosphere. Job Description The Director of Information Security and Compliance role is responsible for the implementation, operation and overall management of the IT Information Security and IT Compliance functions including: Physical and virtual Security Operations, PCI & PII Compliance, Security Administration, Security Architecture, IT Risk Assessment and IT Compliance. This hands-on oriented leadership role requires a deep level of information technology / infrastructure, application development, security and compliance knowledge. Responsibilities Leads the optimization and integration of Information Security and IT Compliance capabilities across all functions of Omni Hotels & Resorts. Provides hands-on support, as well as coaching and mentoring, to the IT team members Implements, measures and reports KPIs associated with the state of information security; reporting on Security performance against established programs to senior leadership. Evaluates and monitors external and internal threat levels, assesses the organization's defensive posture, associated risks, and implements mitigating controls and remedies. Serves as advisor to executive leadership on information security risks, IT compliance issues, and industry trends that will require prioritization, funding, and/or implementation support. Partners with Infrastructure and Operations teams to drive adoption and implementation of information security policies, procedures, standards, and incident handling processes. Develops, optimizes, and periodically tests security incident and response program. Serves as liaison with leadership, legal, compliance, and corporate risk management, to analyze new requirements, standards, and capabilities and to determine feasibility and timing of implementation of new programs and capabilities. Functions as a subject matter expert for core Information Security and IT Compliance functions. Performs other information security and compliance duties as required. Provides clear direction to achieve goals, creating an environment that fosters team commitment and employee engagement. Hires, recruits and retains superior IT talent that is required to enable and drive future growth Demonstrates exceptional written and oral communication skills and is capable of communicating to all levels and areas of the organization. Qualifications Risk Assessment and Risk Management Designs, oversees and conducts the periodic integrated risk assessments across the organization and provides enterprise reporting to the executive leadership team as needed Enhances IT risk management processes to mitigate risks that could negatively impact the confidentiality, integrity and availability of Omni Hotels & Resorts business operations, processes, systems and data. IT Compliance Leads the overall cyber security program by validating the controls implemented across all centers and administrative offices Formalizes and maintains an overall IT compliance framework Provides subject matter expertise for common IT compliance areas. Works with stakeholders to monitor regulatory changes that impact IT and leads the enterprise communications, implementation and monitoring of these requirements. Oversees periodic IT compliance assessments of key compliance risk areas Delivers and continuously improves the Information Security and Risk Management processes - providing guidance and oversight to the functional / business teams, and leading the reporting and mitigation of any findings IT Security Acts as primary security contact and liaison with all business leaders in matters relating to information security Acts as a local escalation contact for security risks, issues, and developments Implements key security programs for the business, including: Fraud Prevention & Detection, Security Incident Response and Security Investigations Security Assessments Security Advisements on key business initiatives 3rd Party Vendor Risk Assessments Security Policy Awareness Customer Compliance Security Contract Review Customer Security Credentialing and Auditing Physical Security Emergency Response Security technology deployments Attains a clear understanding of the business data lifecycle, initiatives and proactively advises management and appropriate personnel about potential risks that may have a material impact on the business, bottom line and/or operating performance Demonstrates business value related to security programs Communicates security risks in business terms that can be clearly understood at all levels of the organization Communicates, oversees and carries out technical implementations of security solutions required to meet business objectives Provides advice and counsel to the business executives regarding key initiatives that could be impacted by compliance, risk or security issues Locally leads and be directly involved in the investigation and resolution of security events, and assists with disciplinary and legal matters associated with such events Understands how to manage a security event and crisis Working Relationships: Will interact with all employees of Omni Hotels & Resorts on a regular basis, including IT and other cross-functional team-members at the Corporate Offices and property locations. Will also interact with members of the Senior and Executive Leadership teams.