GCS Risk Management Manager
Miami, FL, United States
Carnival Corporation & plc
The Investor Relations website contains information about Carnival Corporation & plc's business for stockholders, potential investors, and financial analysts.The Risk Manager is an individual contributor role with accountability for ensuring the effectiveness of the organization’s information security governance framework, and works as part of a team to assess cybersecurity and technology risks against established frameworks, standards, policies and methodologies. This role involves analyzing, monitoring, and reporting on the company’s security policies, procedures, and standards to ensure compliance with regulatory and industry requirements. The Risk Manager collaborates closely with internal teams, stakeholders, and leadership to provide insights and recommendations for continuous improvement in security governance and risk management. The role also reviews and documents deficiencies, advocates for change and, when appropriate, escalates issues to senior risk leadership. The ideal candidate is business-minded, with five or more years experience in technology and security administration or security risk management. Practical hands-on technology experience in security principles, risk management and some business acumen is ideal.
Essential Functions:
- Lead in developing, maintaining, and implementing information security governance body (e.g.: Policies, Standards, Controls, etc.) following industry best practices and regulatory requirements
- Analyze current governance models and identify gaps or areas for improvement
- Perform risk analysis based on observations such as interviews, documentation review, and technical assessments. Collaborate with partners in Information and Cyber Security, Privacy, Compliance, Third Party Risk Management, IT and OT practitioners, and Internal Audit, across the enterprise to ensure understanding of potential business impact(s) resulting from identified risks. Identify Drivers, Preventive Controls, Risks themselves, Mitigating Controls, and Impacts from those Risks
- Serve as a liaison between the IT Security, Risk, and business departments to ensure cross-functional collaboration on security governance initiatives
- Lead efforts with business owners to create treatment plans to address risk drivers, facilitate communication and education of policies and standards for key stakeholders and employees.
- Support the coordination of security governance-related tasks within the broader IT or security projects
- Support the design and implementation of security governance projects or programs, including change management initiatives
Qualifications:
- Education: Bachelor’s degree in Computer Science, Information Security, Information Systems/Technology
- Years & or Area of Professional experience: 5+ Years working experience, with a minimum of 5 years in IT Security and Governance or Risk Management is preferred
- Critical Professional related Technical Skills, Computer Skills: Experience with GRC tools such as OneTrust, Archer, etc. MS Office Suite, IT Risk Management, IT Governance, Audit or Regulatory Compliance. Active certifications in one of the related areas of security and governance such as CISA, CISSP, CRISC, etc are preferred.
Knowledge, Skills & Abilities:
- High level of integrity and trust. Keeps abreast of current and emerging technical information security developments. Attending meetings and GRC related conferences. Ability to plan, coordinate, and execute complex Governance and IT Security assignments, design and apply tools, techniques, and procedures to maintain the highest standards of Governance and IT Security
Decision-Making:
- Standard: These decisions are those that are repetitive decisions on a recurring basis and are commonly related to daily activities. They are relatively simple, relying on historical data and previous solutions.
Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time. Requires regular movement throughout CCL facilities.
Travel: Less than 25% with shipboard travel likely
Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.
This position is classified as "in-office." As an in-office role, it requires employees to work from a designated Carnival office in South Florida from Tuesday through Thursday. Employees may work from home on Mondays and Fridays. Some positions may require additional in-office time each week and final schedule is determined by your leader. Candidates must be located in (or willing to relocate to) the Miami/Ft. Lauderdale area.
Offers to select candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.
At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival’s discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including:
- Health Benefits:
- Cost-effective medical, dental and vision plans
- Employee Assistance Program and other mental health resources
- Additional programs include company paid term life insurance and disability coverage
- Financial Benefits:
- 401(k) plan that includes a company match
- Employee Stock Purchase plan
- Paid Time Off
- Holidays – All full-time and part-time with benefits employees receive days off for 7 company-wide holidays, plus an additional floating holiday to be taken at the employee’s discretion.
- Vacation Time – All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year. All employees gain additional vacation time with further tenure.
- Sick Time – All full-time employees receive 80 hours of sick time each year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year.
- Other Benefits
- Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends
- Personal and professional learning and development resources including tuition reimbursement.
- On-site preschool program and wellness center at our Miami campus
#LI-Hybrid
#LI-SH1
In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns.Carnival Corporation & plc is a global cruise company and one of the largest vacation companies in the world. Our portfolio of leading cruise brands includes Carnival Cruise Line, Holland America Line, Princess Cruises and Seabourn in North America; P&O Cruises, and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe; and P&O Cruises in Australia. Our employees have a responsibility to be accountable for all actions. We consider the environment in all aspects of our business and have a responsibility to put safety and sustainability first. We live and share a positive attitude which is based on fostering an environment of inclusion, trust, a willingness to listen, openness and integrity.
Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity/affirmative action employer. In this regard, it does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability or any other classification protected by applicable local, state, federal and/or international law.
Benefits as a member of Carnival's Team:
- A comprehensive benefit program which includes medical, dental and vision plans
- Additional programs include company paid term life insurance and disability coverage and a 401(k) plan that includes a company match
- Employee Stock Purchase plan
- Paid vacation and sick time
- Cruise benefits
- An on-site fully accredited preschool educational program located at our Doral campus
- An on-site Wellness Center and Health clinic at our Doral campus
https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/fmlaen.pdf
https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf
https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/eppac.pdf
https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISA CISSP Compliance Computer Science CRISC Governance Monitoring Privacy Risk analysis Risk management
Perks/benefits: 401(k) matching Career development Conferences Equity / stock options Health care Insurance Salary bonus Startup environment Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.