Sr. Governance Security GFIT Manager

This candidate will be required to establish, develop, maintain, and enforce governance policies and procedures related to the global governance and security of the Carnival Global Financial Systems (CGFS) managed by GFiT.  As the primary contact to Brand Management regarding security and compliance requirements over the financial systems, this role has direct influence over the governance of Oracle EBS, Kofax/MarkView, OBIEE, APEX Applications (i.e., STAR, DSD, JE Review, GIM, etc.), BlackLine, FastPath, IT2, Robotic Process Automation, Hyperion Planning, FASTT, Lease Accelerator System, PowerBI, Carnival SEAS and any new applications/enhancements introduced into CGFS.  This candidate is responsible for the on-going analysis and identification of governance and compliance needs for incoming projects (i.e., Treasury HUB, AP Automation, application upgrades and enhancements, etc.) as well as with the implementation of new applications, functionality, or modules, through enhancements to the GFiT controls and overall process improvements. This role ensures adherence with Global Cybersecurity Services and global regulatory requirements (i.e., SOX, GDPR, CCPA, NIST, etc.).  The Sr Manager will interface with internal/external audit teams addressing audit requests managing any gap remediation as needed for the GFiT environment as well as the execution of third-party audit team Agreed Upon Procedures.

Essential Functions:

• Responsible for technology-related compliance issues, including information security, business continuity and identity management for all the applications managed by GFiT. 
• Manage the design and operationalization of any process or technology controls as required by applicable regulatory compliance frameworks. On-going analysis of governance and compliance needs and identification of enhancements to the GFiT internal controls, keep track of new regulations, industry best practices, implementation of new functionality or software, and implement continuous process improvement. Review security and role setups to identify sensitive access and provide guidance on role assignments to avoid potential segregation of duties issues or excess access being granted.           
• Manage and address all inquiries, audit requests, walkthroughs, and access requests related to CGFS for the internal/external audit or Brand SOX teams.  Manage the third-party audit team responsible for performing Agreed Upon Procedures over the GFiT Change Management process up through the delivery of the final report. Perform the annual control effectiveness certification on behalf of the GFiT environment.        
• Responsible for the monitoring and disposition of items requiring further review or action as identified via the Data Security Dashboard (DSD), application alerts and FastPath applications.
• Responsible for the roll out and management of the various access reviews performed across CGFS.  Manage the STAR application and deployment of the user access reviews, identify and rollout potential enhancements to the application and conduct reviewer training across the organization.
• Engage with the GFiT PMO team to identify and address governance items, security risks and controls for each project/enhancement.
• Advise internal business stakeholders on security and compliance requirements and work in cross-functional partnership to help ensure those requirements are met.
• Participate in and review the Business Continuity Plan/Disaster Recovery procedures and communications to support any BCP/DR processes, identify risks, address governance requirements, and determine/ensure appropriate approval captures.  Participate in BCP/DR events/tests to ensure coverage of the various Governance applications.    

Qualifications:

• Bachelor’s degree in Accounting, Systems Management, Information Systems, or equivalent is required.
• Minimum of 10 years of experience in ERP risk management or compliance of financial systems. Must be adept at building strong relationships with various business units to define and deliver application needs. Good communication and organizational skills are essential, as well as the ability to work well in a team and interact with all levels of management globally.
• Should have expertise in regulatory compliance, IT audit, application security, policy compliance, general computer controls, and/or technology risk management.
• Must be adept at building strong relationships with various internal controls-focused areas across the Organization. Good communication and organizational skills are essential, as well as the ability to work well in a team and interact with all levels of management globally.
• IT Certifications such as CISA, CIA, CISM, CRISC, CIPP, PMP or CISSP are a plus.           
• A minimum of 4 years of prior Financial or IT Audit experience preferred.  Understanding of cruise industry and the role that IT security and compliance plays in the industry.  Individual must be accustomed to working in a dynamic/global environment. 

Knowledge, Skills and Abilities:

• Strong understanding or ability to rapidly learn the business as it is impacted by security, regulatory compliance, and risk mitigation standards.  Manage and drive multiple work-streams simultaneously to successful completion. Highly motivated, and detail oriented with the ability to work collaboratively and independently. Ability to interpret data and processes to identify potential security and compliance issues, risks, and vulnerabilities.  Ability to propose creative solutions to successfully remediate identified security and compliance issues.  Ability to quickly understand financial systems to identify and validate security and compliance requirements.  Ability to work well under pressure and handle crisis situations professionally with internal and external personnel.

Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time.

Travel: No or very little travel likely

Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.

This position is classified as “in-office.” As an in-office role, it requires employees to work from a designated Carnival office in South Florida Tuesday through Thursday each week. Employees may work from their homes on Mondays and Fridays.  Candidates must be located in (or willing to relocate to) the Miami/Ft. Lauderdale area.

Offers to selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.  

At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival’s discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including:

• Health Benefits:
  • Cost-effective medical, dental and vision plans
  • Employee Assistance Program and other mental health resources
  • Additional programs include company paid term life insurance and disability coverage 
• Financial Benefits:
  • 401(k) plan that includes a company match
  • Employee Stock Purchase plan
• Paid Time Off
  • Holidays – All full-time and part-time with benefits employees receive days off for 8 company-wide holidays, plus 2 additional floating holidays to be taken at the employee’s discretion. 
  • Vacation Time – All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year.  Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year.  All employees gain additional vacation time with further tenure.
  • Sick Time – All full-time employees receive 80 hours of sick time each year.  Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year.  
• Other Benefits
  • Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends
  • Personal and professional learning and development resources including tuition reimbursement 
  • On-site preschool program and wellness center at our Miami campus

#LI-SR1

#LI-Hybrid

Carnival Corporation & plc is the world’s largest leisure travel company, our mission to deliver unforgettable happiness to our gust through our diverse portfolio of leading cruise brands and island destinations, including Carnival Cruise Line, Holland America Line, Princess Cruises, and Seabourn in North America and Australia; P&O Cruises and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe.

Join us and embark on a career that offers not only the chance to grow professionally but also the opportunity to be part of a global community that makes a difference.

In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns.

Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity/affirmative action employer. In this regard, it does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability, or any other classification protected by applicable local, state, federal, and/or international law. 

https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/fmlaen.pdf

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf

https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/eppac.pdf

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf