Manager - Infrastructure Delivery, Audit & Compliance Management

Our Customer is an American multinational company that operates, franchises, and licenses lodging including hotel, residential, and timeshare properties. Offering the most powerful portfolio in the industry, their 30 brands and 8,000+ properties across 139 countries and territories give people more ways to connect, experience and expand their world. Diversity and inclusion is fundamental to their core values and strategic business goals. Taking care of people and their well-being is their most precious cultural inheritance. Additionally, guided by their sustainability and social impact platform, they commit to creating positive and sustainable impact wherever they do business. They have long believed in the power of their associates to shape the future. And now, part of that exciting future could be yours.

We are seeking an Infrastructure Delivery, Audit & Compliance Manager on a contract basis to help support our Customer’s business needs. This role is 100% remote with some travel to our Customer's Maryland office.

The Manager of Infrastructure Delivery – Audit and Compliance Management, supports and monitors IT governance and risk management strategies across the technology landscape that comply with applicable regulations, and cybersecurity and IT policies. This strategic role is responsible for implementing technology risk mitigation strategies emerging from audits, cyber threats, data privacy regulations and IT operations. You will play a vital role to ensure critical technology services and capabilities remain operational, stakeholders are kept abreast, and financial & reputational loss is prevented.

You will help the Infrastructure Delivery and Shared Services (I&DSS) team build the audit and compliance muscle to effectively respond to any internal/external audits or assessments. This includes sharing best practices of internal controls with process owners, conducting control readiness checks, supporting the tracking and reporting of any findings with associated teams utilizing data analytics, and guiding process owners to drive issue closure. You will leverage automation to gather evidence, build reports, status reports on compliance readiness and improve control design. Additionally, this role will assist the development of proactive risk management including communicating emerging risks and advising on the implementation of expected controls for effective risk mitigation across the technology landscape. We are seeking a highly motivated individual who can bring a solution-oriented mindset and is able to deliver quality results by overcoming ambiguity.

What You'll Do:

• Lead and support security issue management work
  • Actively monitor and follow up on open security issues and internal audit findings on a daily basis.
  • Coordinate with compliance point of contacts in other functional areas to gather status and obtain context of open security issues, recommend path forward to drive issue closure, and support internal and external reporting of pre-defined issue metrics
  • Serve as the key resource to provide clarification of issue management process for I&DSS issue owners
  • Support the reporting of key performance metrics to senior management
• Assist the regulatory compliance work
  • Support the tracking of active/planned work by process owners
  • Support the development of control inventory for technical environment I&DSS owns
  • Help advise on control design, implementation and effectiveness and validate the adequacy of supporting documentation
  • Assist the automation of compliance evidence gathering and reporting to drive adherence to policy and to reduce human error
  • Support the reporting of compliance state at program level to senior management
• Support the development of the Risk Management and Compliance function
  • Develop and/or enhance the standard operating procedures for risk management and compliance processes and maintain the documentation for governance operation and knowledge sharing
  • Support the alignment of risk management and compliance operations with enterprise tools and platforms
  • Lead/support the implementation of process optimization and automation of risk management and compliance operations
• Support the development of I&DSS audit and compliance program including planning activities and I&DSS control reviews covering infrastructure and operations, network, workplace services, and infrastructure security, cybersecurity, cloud and third-party risk, programs and projects via automation of I&DSS controls evidence gathering
  • Understand the impact on on-premises technology and cloud technology, operational risk to the I&DSS organization
  • Perform control readiness review by interviewing process owners and examining supporting evidence\
  • Lead kickoff, status, and closing meetings with team and key stakeholders and contribute to I&DSS audit knowledge base and internal practice development initiatives
  • Prepare clear, written, fact-based reports for the leadership use, working with management to detail action steps to reduce risk
  • Assist ad hoc / special I&DSS audit and compliance projects and participate in various business initiatives to assess the impact to the internal controls environment (e.g., new system implementation pre and post reviews and automation of manual controls)
• Coordinate with external/internal auditors, internal leaders, and process owners to ensure engagement and timely execution of audit work impacting I&DSS organization
• Assist the development of key metrics for proactive risk management. Apply data analytics to build dashboards for effective reporting and support data-driven risk management activities
• Other duties as assigned

Managing Projects and Priorities

• Develops specific goals and plans to prioritize, organize, and accomplish work for self and/or team members
• Provides direction and assistance to other teams regarding projects. Determines priorities, schedules, plans, and necessary resources to ensure completion of any projects on schedule
• Analyzes information and evaluates results to choose the best solution and solve problems
• Thinks creatively and practically to develop, execute, and implement new plans or programs. Generates and provides accurate and timely results in the form of reports, presentations, etc.
• Provides recommendations to improve the effectiveness of processes or programs
• Understands and meets the needs of key stakeholders
• Supports achievement of performance goals, budget goals, team goals, etc.

Required:

• Undergraduate degree in Business, Finance, Information Technology, Cybersecurity, Data Analytics, Robotics, or related discipline and/or equivalent experience/certification
• At least 5 years of IT leadership experience with a blend of deep technical knowledge and a customer-focused mindset that also includes:
• 2+ years in IT infrastructure risk, governance, audit and compliance for legacy and cloud native environments
• 2+ years leading and/or executing audits, compliance activities and risk mitigation strategies
• Experience in automation of IT governance and risk management processes
• Working knowledge of leading industry frameworks, standards, best practices, risk management techniques and experience in evaluating and advising the design and implementation of IT infrastructure and cybersecurity controls used for cloud/non-cloud environments
• At least one of the professional certifications (e.g., CISA, CRISC, CISSP) in cybersecurity, governance, risk, compliance, audit areas
• Experience in working with cross functional, sourced, or matrixed teams
• Strong problem resolution skills
• Strong attention to detail with proven ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment
• Excellent verbal and written communication skills for a wide range of audiences including senior leaders, business stakeholders and IT teams

Preferred:

• Graduate Degree in a technical discipline
• Experience with major enterprise GRC, DevSecOps, cybersecurity technologies (e.g., ServiceNow, Jira, Confluence, Splunk, CrowdStrike, etc.)
• Solid experience in project/portfolio management
• Experience operating in Scaled Agile Framework environment
• Strong data analytics technical skills (e.g., Power BI) to support reporting and BI needs

Perks are available through our 3rd Party Employer of Record (Available upon completion of waiting period for eligible engagements)
Health Benefits: Medical, Dental, Vision, Life (including spouse & child), 401k, STD/LTD, AD&D, and Commuter Benefits program.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.