Director of Security, Compliance, and Risk
About the Role
We're looking for a talented and highly consultative Director of Security, Compliance, and Risk to help spearhead SevenRooms' security, data protection, IT risk management, and compliance programs.
You have a passion for hospitality and technology, and have in-the-trenches experience with cybersecurity, PCI compliance, GDPR, and SOC auditing. You are an advocate for building products and platforms responsibly and care deeply about protecting customers’ privacy rights and their data. You are detailed, process-driven, and understand the balancing act that is managing risk. Most importantly, you want to be part of an innovative and hardworking software startup changing the world of hospitality.
As the Director of Security, Compliance, and Risk, you will be responsible for designing, developing and implementing SevenRooms' security, data protection, IT risk management, and compliance programs. This is a highly visible role reporting directly to the CTO and working with senior leadership to run a responsible business by identifying risks and ensuring compliance for our customers. You will possess both the technical and communication skills to be successful in this endeavor.
What You'll Do
- Review, improve, create, and monitor security processes and company IT policies
- Coordinate, monitor, develop, implement and maintain the IT compliance program
- Create a framework that effectively measures compliance standards with information policies
- Develop and maintain a strategy for managing security related audits, compliance checks and external assessments
- Manage and implement PCI, SOC, GDPR, and other compliance programs
- Create and execute a strategic annual Compliance Monitoring and Testing plan
- Ensure IT compliance programs meet all industry applicable rules, regulations, standards, and laws
- Track and ensure adequate and timely resolutions to all audit/review issues relating to IT compliance
- Conduct Vendor (Third Party) risk assessments
- Provide guidance, evaluation and advocacy on all audit responses
- Create compliance reports as required
Who You Are
- Bachelor’s degree in Computer Science, Engineering, or other related discipline
- Minimum of 5 years of experience in IT auditing and at least 3 years working with IT management in compliance
- Preferred certifications include:
  - Certified Information Systems Auditor (CISA)
  - Certified Information Systems Security Professional (CISSP)
  - Certified Security Plus (+)
- Knowledge of ISO/IEC 27001, ITIL, COBIT, and NIST
- Strong knowledge of Cloud Security requirements and relevant legal, regulatory, and privacy requirements
- Knowledge of network, web technology, encryption, virtual private networks, internal, extranet, security, cloud computing (firewalls, remote access) and security management
What We Offer
- Competitive salaries and flexible work-life balance
- Equity share in a growing business
- Unlimited Vacation. We trust you to take the time you need to be your most productive self.
- A full slate of benefits coverage including: medical, dental, vision, and pre-tax commuter benefits, gym reimbursements, and unique memberships through One Medical and Perkspot
- 401k plan
- A fun, vibrant office environment in Chelsea with a smart and passionate team doing incredible things to disrupt the hospitality tech space. Plus we're dog-friendly (woof!).
We believe that when insight and instinct combine, people and businesses thrive.
At SevenRooms, we're on a mission to help hospitality operators own direct relationships with their guests, building stronger businesses through personalized service and marketing. Our clients are some of the largest, most reputable restaurant, nightlife, hotel and concierge brands in the world. We provide these companies with mission-critical tools to run their business and manage millions of visits at their properties.
A career at SevenRooms means you'll be working alongside incredibly talented professionals with a passion for hospitality. We believe deeply in the power of meaningful connections, and it shows in the products we build and the people we hire.
We are proud to be an equal opportunity workplace and an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or veteran status.