Information Security Architect
Join the HotSchedules team as our Information Security Architect
HS is seeking an Information Security Architect to lead the company’s information security program. This is a hands-on role that requires a highly motivated technology professional to assess and action all technology-related security and compliance issues across the organization including information security, privacy, disaster recovery, user access and data integrity. This includes providing objective risk assessments of the company's compliance with regulatory, organizational and commercial requirements governing the organization's information technology systems. This role serves as an expert advisor to senior management in the development, implementation and maintenance of a Company-wide information security infrastructure to ensure best practice control objectives are achieved for system integrity, availability, confidentiality, compliance, accountability, and assurance.
- Responsible for owning and maintaining the company’s security program. This includes the development, testing, and implementation of appropriate security plans, products, and control techniques including the ongoing administration, monitoring, and auditing of controls.
- Identify the associated IT compliance control gaps and design, document, implement, and test the entire IT compliance control set.
- Manage, execute, and drive all required activities to obtain applicable legal and regulatory certifications, including, but not limited to, the ISO 27001, SSAE-16, GDPR, EU/US Privacy Shield, and PCI.
- Maintain, improve, and publish up-to-date security policies, standards, and guidelines, and provide for the training and dissemination of security policies and practices.
- Manage the IT compliance risk assessment framework and periodically assess the regulatory, commercial and organizational, inherent and residual IT compliance risks.
- Report the levels of IT compliance risk and control effectiveness to key stakeholders such as CIO, legal management, regulators, internal/external auditors, etc.
- Coordinate and/or execute on all audit-related tasks such as ensuring the readiness of IT managers and their organizations for audit testing and ensuring the timely resolution of any audit findings.
- Analyze technology industry and market trends, and determine their potential impact on the enterprise.
Knowledge, Skills, and Requirements:
- A minimum of ten (10) years of IT experience, with at least five (5) years in an information security role that includes risk management and security compliance.
- A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
- Experience with managing and obtaining applicable legal and regulatory requirements, including, but not limited to, the SSAE-16, GDPR, EU/US Safe Harbor, and PCI.
- Technical knowledge of networking (TCP/IP, OSI Model) and operating system fundamentals (Windows, Linux, Mac OS X, Android, iOS, etc). Experience with design and operations of security in a complex network environment including multiple data centers and cloud providers is ideal.
- Strong sense of ownership, accountability, and ability to prioritize work effectively.
- Strong leadership skills and the ability to work effectively with business managers, IT engineering, IT operations staff, legal, and audit and compliance staff and third party vendors.
- Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, management, and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies.
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining mitigation strategies.
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Experience in system and application technology security testing (vulnerability scanning and penetration testing).
Well-known across the globe for bringing the restaurant, retail and hospitality industries to the Cloud with our pioneering web & mobile products, superior customer service – and the people who make this happen.
Our Values: Because they are important to us!
Hospitality – We go beyond the expected to provide unparalleled experiences and help our customers do the same.
Empathy - We started in a restaurant. Service of others - both externally and internally - is in our blood.
Innovation – We never give up seeking creative ways to solve tough problems.
Community – We believe in the power of the communities we create and serve, our community of team members and in giving back to the communities we live in.
Fun – This isn’t just a job, it’s a calling, and we love it!
Accountability - We do what we say we’re going to do. If something happens to prevent that, we determine the new course and communicate quickly.
Learn more about us, our story and how we became a part of the HotSchedules family of products and services. Visit the About Us page on HotSchedules.com.
Meet Some of Hotschedules's Employees
VP of Marketing
MaryKay is in charge of all of HotSchedules' marketing initiatives—making sure that the company is positioned for success and continuously attracting and retaining clientele.