VP, Global Information Security
Marriott Vacations WorldwideLocation:
The Vice President, Global Information Security is responsible for establishing and maintaining a corporate-wide information security management program to ensure that MVW information assets are adequately protected and risk levels align with and support the risk posture of the enterprise. The VP, GLOBAL INFORMATION SECURITY serves as Chief Information Security Officer, reporting to the CIO and will collaborate with executive management to determine acceptable levels of risk for the organization. The VP, GLOBAL INFORMATION SECURITY position requires a visionary leader with a good understanding of balancing information security risks with business needs and realities, and a working knowledge of information security technologies. The ideal candidate is a thought leader, a consensus builder, and an integrator of people and processes across the enterprise who will also be viewed as a trusted advisor by peers across the organization.Qualifications:
Specific Job Summary
This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The VP, GLOBAL INFORMATION SECURITY will proactively work with business units to implement practices that meet defined policies and standards for information security. The position will also oversee a variety of IT-related risk management activities. The VP, GLOBAL INFORMATION SECURITY serves as the process owner of all assurance activities related to the confidentiality, integrity and availability of customer, business partner, employee and business information in compliance with the organization's information security policies. This responsibility also includes the development and management of the enterprise strategic security roadmap, both short-term and long-term. The VP, GLOBAL INFORMATION SECURITY must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
The VP, GLOBAL INFORMATION SECURITY is charged with the responsibility for building an accountable, information-security-conscious culture built on high-quality standards and supported by effective operational procedures as well as regular status monitoring.
Please see complete job description online.
Specific Candidate Profile (the education, experience, skills and attributes that are important for this position)How to Apply:
Minimum 10 to 12 years of relevant experience in a combination of risk management, information security, and IT positions with at least 5 years in a significant leadership role(s)
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment
Must be a critical thinker with strong problem-solving skills
Deep understanding of the enterprise information security architecture discipline, processes, concepts, and best practices
Demonstrated consultative and collaborative approach to driving change and deploying controls and driving strategic security decisions
Knowledge and understanding of relevant legal and regulatory requirements, such as SOX, Payment Card Industry/Data Security Standards, GLBA and other relevant compliance requirements
Project management skills; financial/budget management, scheduling and resource management
Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT, NIST, SANS, OWASP
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC) or other similar credentials; PCI-ISA certification is also desired
Comfortable multi-tasking and working in a fast-paced dynamic environment, maintain composure under pressure and have a high degree of perseverance
Well-organized and self-directed individual who is a team player that can work effectively with individuals that have diverse work styles and approaches