GRC Analyst - Virtual
Best Western Hotels & Resorts is a leading, global hospitality network comprised of three hotel companies, including WorldHotels® Collection, Best Western® Hotels & Resorts and SureStay Hotel Group®.
- The ideal candidate will be passionate about our guests, member hotels, partners, stakeholders, and technology. This role requires the ability to build rapport and credibility with numerous stakeholders within Best Western to be able to drive results. Excellent communication and interpersonal skills are a must to ensure success.
- Demonstrated experience in implementing compliance frameworks such as PCI 3.2.1, NIST, COBIT and ISO 27001.
- Work with various stakeholders and external auditors to maintain current documentation for scoping, testing and remediation of IT controls.
- Work with stakeholders to fulfil evidence requests within committed timelines.
- Conduct quarterly checks of critical controls with stakeholders to provide actionable advisement to management for timely remediation.
- Assess audit findings and gaps, work with stakeholders to develop action plans for remediation.
- General understanding of Sarbanes-Oxley (SOX) compliance requirements and IT General Controls
- Thorough knowledge of PCI-related standards including PCI-DSS, PA-DSS, ASV guidelines and other support documents
- Thorough understanding of GDPR and the California Consumer Privacy Act (CCPA)
- Familiarity with a broad range of IT and Information Security products and technologies such as central logging systems, file integrity monitoring and vulnerability scanning tools.
- Excellent documentation and communication skills
- Bachelor's or Master's degree in a computer or information management field or related experience.
- Minimum of either CISSP, CISA, or CISM required
- 3-5 years’ experience in an information security compliance, audit or risk management role with hands-on experience in a multitude of compliance initiatives including but not limited to
- EU-GDPR, CCPA
- Strong analytical and problem-solving skills with the ability to function as a change agent
- Strong skills with intermediate to advanced level expertise with Excel and PowerPoint
- Demonstrated experience working within a team in a high-paced environment. Understanding of security metrics and creation of effective dashboards for management review and consumption.
- Demonstrated ability to create and present security awareness training content a plus.
Receives operational guidance on duties, service standards and goals.
Exhibits personal characteristics and professional standards that serve as a role model for others. Simplifies complex processes and organizes people and activities to get things done.
Full functional and technical know-how to meet professional standards and succeed in the job. Keeps functional and technical skills current.
Conveys and obtains information both internal and external to the department. Shares new concepts and approaches with others. Uses written, verbal or electronic skills to communicate effectively with a variety of levels in the organization, including those less familiar with computing terminology.
Uses rigorous logic and methods to solve technically complex problems. Uses a wide degree of creativity and latitude to analyze and resolve problems.
Best Western Hotels & Resorts offers a different kind of work atmosphere, a place where everybody pulls together around a common goal. In fact, helping one another is at the heart of our organization, which began as an informal referral system in 1946 among member hotels focused on the idea of "member helping member." Today, our more than 1,000 corporate employees carry on that tradition of helping members - and each other - succeed.