
Senior Director, Information Security – Compliance Program

United States, Bethesda · Employment contract · 151100.00 - 239100.00 USD / Year · Job Posted June 15, 2026

Job Description

The Sr. Director, Global Information Security (GIS) Compliance Program is a key member of the GIS leadership team responsible for the enterprise alignment to our cyber regulatory and/or settlement agreements. They will lead an organization that coordinates tactical efforts across the company to provide visibility into our Information Security Program as it relates to the settlement agreement, monitoring a portfolio of projects needed to maintain compliance. This includes managing the testing of the Information Security Program, monitoring and reporting on compliance with the provisions, and driving the actions needed to maintain compliance and adhere to the obligations. The role also ensures executive awareness and compliance by managing program KPIs/KRIs to ensure that we are adhering to order obligations.

Job Responsibility

  • Information Security Compliance and Settlement Program Leadership
  • Reporting and Management of portfolio of projects or remediations linked to regulatory commitments needed to maintain compliance to the Settlement agreement
  • Manage testing of ISP controls
  • Provide results that can serve settlement purposes
  • Work with teams to standardize processes for monitoring, metrics and reporting for compliance efforts for regulatory commitments
  • Provide visibility to the settlement program and activities to leadership
  • Raise and mitigate risks to compliance to the regulatory commitments
  • Ensure compliance activities are aligned or integrated as much as possible with the Information Security Program & processes and Risk Assessments
  • Develop and lead a high functioning team that leverages program management expertise, best practices and analytics to manage portfolio
  • Review key initiatives to ensure alignment with legal agreements and cyber risk program
  • Partner with senior leaders to facilitate portfolio management effectiveness
  • Supervise all aspects of department performance
  • Determines the priorities, goals, plans and resources to ensure delivery of effective project and portfolio management function
  • Sets goals and expectations for direct reports using the performance review process
  • Make and execute the necessary decisions to keep moving forward toward achievement of goals
  • Create a synergistic leadership team and environment that consistently delivers positive results and continuously strives to improve these results
  • Provide targeted and timely communication of results, achievements and challenges to direct reports, peers, and leaders
  • Inspires and motivates team to achieve operational excellence
  • Communicate a clear and consistent message regarding goals to produce desired results
  • Plan, develop, implement, and evaluate the quality of the teams’ operations to ensure a flexible and scalable organization
  • Develops and Enables Program Management Capabilities
  • Lead the development and implementation of tools and processes to manage Program & Project risks and interdependences, Benefits realization/Settlement alignment, Project estimates and costs, Resources and metrics
  • Lead efforts to design a risk management approach for the program and establish processes to manage adherence to risk management processes
  • Work with teams to facilitate the development of actionable work plans, deployment models, and resource allocations to maintain compliance with the intent of the consent agreement
  • Establish and implement processes to communicate program and MBO performance
  • Define program management roles and the related refinement and management of settlement agreement portfolio and management of KPIs and metrics
  • Identify key drivers of success and keep the team focused on those that are critical to achieve results
  • Review goals and strategies to ensure alignment with the discipline and GT roadmaps
  • Develop and implement strategies that enable Marriott to deliver products and services to meet or exceed the needs of the business aligning to settlement agreement and reducing the cybersecurity risk posture of the company
  • Manage Quality & Governance
  • Participate with Governance Forums to enable management of the cross program initiatives related to settlement compliance
  • Ensure that the appropriate metrics and analyses are conducted and that communications protocols are established to keep stakeholders informed
  • Cultivate a High-Performing Team
  • Create a compelling vision, clear direction and strategy for the team
  • Generate enthusiasm and understanding of the information security vision and how each role contributes to the achievement of that vision
  • Continuously improve program, team, and job structures and ensure clear leadership accountabilities are in place
  • Ensure capabilities are developed and resources are aligned to support the strategy
  • Attract, motivate, develop and retain highly skilled leaders
  • Champion and model leadership development
  • Set goals and expectations for direct reports using the performance review process and hold staff accountable for performance goals
  • Hold leaders accountable for building teams with the appropriate mix of talent and skills to drive innovation and performance
  • Cultivate direct reports and their teams, supporting their growth and development plans
  • Create and sustain a work environment that drives associate engagement and enables business success
  • Ensure appropriate processes are in place and executed to drive collaboration and alignment within the team and with the broader IT organization
  • Facilitate regular, ongoing communication and collaboration with your team and across the organization
  • Serve as a role model and ensure all information security leaders are visible and effective partners with IT counterparts, broader Marriott stakeholders, and service providers
  • Utilize an “open door policy” and review employee satisfaction results to identify and address employee problems or concerns

Requirements

  • Bachelor's degree in Cybersecurity, Business Administration or a related field or equivalent experience
  • 10+ years of leadership experience in Information Technology and/or Consulting, including:
      • 5+ years of experience managing complex, multifunctional technology or security initiatives
      • 5+ years of experience in portfolio or program management and governance reporting at executive levels
  • Prior experience with compliance programs and/or government or legal compliance requirements
  • Ability to influence others, including those at senior organizational levels

Nice to have

  • Graduate/post graduate degree or legal degree preferred
  • Exceptional portfolio or program management competence and skills
  • Excellent verbal and written communication skills with the ability to articulate complex ideas in easy to understand business terms
  • Ability to distribute, assign and ensure completion of work throughout various teams without direct management authority
  • Strong analytical skills for planning, estimating, budgeting and monitoring program/project work
  • Ability to form and foster high performing teams
  • Ability to accomplish results through others, particularly by establishing relationships and effective controls
  • Strong negotiating, influencing and problem resolution skills
  • Proven ability to effectively prioritize and execute tasks in a high-pressure environment
  • Project Management Professional (PMP) certification, portfolio or similar certifications

What we offer

  • 401(k) plan
  • stock purchase plan
  • discounts at Marriott properties
  • commuter benefits
  • employee assistance plan
  • childcare discounts
  • medical, dental, vision
  • health care flexible spending account
  • dependent care flexible spending account
  • life insurance
  • disability insurance
  • accident insurance
  • adoption expense reimbursements
  • paid parental leave
  • educational assistance
  • paid sick leave
  • PTO
