Deputy CISO

Description

Guesty is the all-in-one platform helping hospitality businesses around the world automate, optimize, and scale their operations. We’re a fast-growing global startup that’s transforming how the industry works — from guest experience to business growth.

With a powerful suite of features and integrations with 150+ industry partners — including Airbnb, Vrbo, Booking.com, Expedia, Google Travel, and many more — Guesty empowers property managers to deliver top-tier guest experiences while running more efficient, data-driven operations.

We’re proud to have over 800+ team members across 16 countries worldwide, all working together to build the future of hospitality technology.

If you’re looking to grow your career in a dynamic, global, and impact-driven environment, we’d love to hear from you.

We are seeking a highly motivated and experienced Deputy CISO to join our rapidly growing company. The GRC Manager will be responsible for ensuring the company is compliant with relevant regulations and standards, developing and implementing security policies, managing risk assessments, and ensuring compliance with relevant regulations. They also play a crucial role in incident response and maintaining security awareness across the organization. 

The ideal candidate will have a strong background in risk management, compliance, and internal controls, as well as excellent leadership and communication skills.

Responsibilities

Responsibilities:

• Policy Development & Implementation:
• Assisting the CISO in developing, implementing, and maintaining the organization's information security policies, standards, and procedures. 
• Risk Management:
• Directing and conducting ongoing risk assessments, identifying vulnerabilities, and implementing mitigation strategies. 
• Compliance:
• Ensuring IT systems, applications, and networks comply with security policies and information protection strategies. 
• Security Operations Oversight:
• Overseeing the daily operations of the Information Security Office, including areas like security operations, identity and access management, and endpoint support. 
• Incident Response:
• Serving on the cyber incident response team and leading or coordinating responses to incidents as needed. 
• Awareness and Training:
• Designing and implementing programs for user awareness and security compliance monitoring. 
• Vendor Risk Management:
• Assisting in managing the information security risk exposure related to third-party vendors and affiliates. 
• Strategic Planning:
• Inputting into the development and implementation of a comprehensive cybersecurity strategy and vision aligned with business objectives. 
• Collaboration:
• Working with other departments and stakeholders to integrate cybersecurity into the organization's overall technology strategy. 

Requirements

Requirements:

• Experience:
• Significant experience in information security, often with a focus on specific areas like risk management, incident response, or vulnerability management.  
• 5+ years of experience in cybersecurity, risk management, or compliance, with at least two years in a leading role.
• Education:
• A bachelor's or master's degree in Information Security, Computer Science, or a related field is common. 
• Certifications:
• Industry certifications like CISSP, CISM, or CGEIT are frequently required or preferred. 

Skills:

• Strong analytical, problem-solving, and communication skills are essential, along with the ability to lead and motivate teams.

Guesty is proud to be an Equal Opportunity Employer. We provide equal employment opportunities to all employees and applicants regardless of race, color, religion, sex, age, national origin, disability, veteran status, pregnancy, sexual orientation, or any other characteristic protected by law.