Senior Advisor, Security Controls and Compliance

Role Summary:

Responsible for driving efficiencies across the Security regulatory Compliance programs, including PCI DSS, SOX, SOC1 and SWIFT. Foster a security controls culture to reduce overall cyber risk to IHG, ensuring control owners understand and are held accountable to operating required controls. Build strong partnerships across IT, Security and the business and influence others in order to mature the program and maintain regulatory compliance, while minimizing stakeholder impact.

Your Day to Day:

• Manage external assessors for security assessments (IT SOX, SOC1, SOC2, PCI, SWIFT) and drive control measurement automation for regulatory compliance controls.
• Liaise with SVP and VP stakeholders across Information Security, Technology Services, and various business units to enhance security policy adherence and drive action on Compliance gaps.
• Drive efficiencies in PCI, SOX, SOC1, SOC2 and SWIFT audits, ensuring accountability and quality in audit evidence and responses.
• Provide advisory support and oversight for remediation efforts and educate control owners to ensure security is built into operational processes.
• Maintain internal security controls framework and communicate compliance metrics and updates to executive-level audiences.

What We Need From You:

• 5-10 years of experience in information security, public accounting, or internal audit, focusing on IT controls audits and assessments, with strong knowledge of technology infrastructure.
• Preferred certifications include CISA, CISM, CISSP, or PCI ISA/QSA, along with advanced knowledge of IT control frameworks and regulations (e.g., PCI, SOX, NIST).
• Exceptional verbal and written communication skills, capable of presenting complex information to various management levels and stakeholders.
• Hands-on experience with internal/external auditors for security compliance assessments and demonstrated ability to automate compliance activities and manage projects effectively.
• Knowledge of security processes (e.g., identity management, vulnerability management) and experience with GRC platforms like ServiceNow, along with strong relationship-building skills.

The salary range for this role is $100,000 - $136,000. This role is also eligible for bonus pay (as applicable). We offer a comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401K, and other benefits to employees. 

#LI-CL1