IT Compliance, Data, and Risk Management Specialist

Omni Hotels & Resorts
Dallas, TX, US
Full-time

Overview

Omni Hotels and Resorts creates genuine, authentic guest experiences at 60 distinctive luxury hotels and resorts in leading business gateways and leisure destinations across North America.

Omni Hotels is known for its exemplary culture, authenticity to the markets in which we operate, innovation and exceptional service.

Our commitment to career development has created tenure and loyalty that enables us to perpetuate our family atmosphere.

Job Description

We are seeking a highly skilled IT Compliance, Data Governance, and Risk Management Specialist with a strong technical security background and extensive experience in PCI (Payment Card Industry) Compliance to join our team.

The successful candidate will be responsible for ensuring our IT systems, data, and processes comply with regulatory standards, managing risk, and implementing robust security measures.

This role is crucial for protecting our organization’s information assets and maintaining the highest levels of data security and integrity.

Responsibilities

Compliance Management:

  • Develop, implement, and maintain compliance programs to ensure adherence to PCI DSS and other regulatory requirements.
  • Conduct internal compliance audits and assessments, identifying and addressing gaps in compliance.
  • Coordinate with internal and external auditors for compliance assessments and certifications.
  • Develop and update compliance documentation, including policies, procedures, and controls.
  • Lead PCI DSS (Payment Card Industry Data Security Standard) compliance efforts, including annual assessments, audits, and reporting.
  • Conduct regular PCI compliance training and awareness programs for staff.
  • Coordinate with internal and external auditors during PCI DSS assessments and audits.
  • Remain current on PCI DSS updates and changes and communicate their impact to relevant stakeholders.

Risk Management:

  • Conduct thorough risk assessments to identify, evaluate, and mitigate risks associated with IT systems and processes.
  • Maintain a risk register, documenting identified risks, assessment outcomes, and mitigation strategies.
  • Develop and implement risk management frameworks and policies.
  • Regularly review and update risk management practices to reflect changes in the threat landscape and regulatory environment.

Technical Security:

  • Design, implement, and manage technical security controls to protect sensitive data and ensure compliance with PCI DSS and other standards.
  • Perform security assessments, vulnerability scans, and penetration tests to identify and address security weaknesses.
  • Oversee the configuration and maintenance of security tools, such as firewalls, intrusion detection systems, encryption technologies, and SIEM (Security Information and Event Management) solutions.
  • Monitor and respond to security incidents, ensuring timely resolution and thorough documentation.

Security and Controls:

  • Collaborate with IT and security teams to design and implement security controls that protect sensitive data and comply with industry standards.
  • Oversee the implementation of technical security measures, such as firewalls, encryption, and intrusion detection systems, to safeguard information assets.
  • Perform regular security assessments, vulnerability scans, and penetration tests to identify and address security weaknesses.
  • Ensure timely resolution of security incidents and vulnerabilities, working closely with the incident response team.

Data Governance:

  • Develop and implement data governance frameworks, policies, and procedures to ensure data quality, integrity, and security.
  • Establish data stewardship and ownership roles and responsibilities within the organization.
  • Collaborate with cross-functional teams to ensure compliance with data governance standards and practices.
  • Monitor and report on data governance metrics, identifying areas for improvement and implementing corrective actions.

Data Classification:

  • Develop and implement a comprehensive data classification schema to categorize data based on sensitivity, criticality, and usage.
  • Work with business units to classify data according to established guidelines and ensure appropriate handling and protection.
  • Maintain and update data classification policies and procedures as organizational and regulatory requirements evolve.
  • Conduct regular audits and assessments to ensure compliance with data classification standards.

Training and Awareness:

  • Develop and deliver training programs to educate staff on compliance requirements, security policies, and risk management practices.
  • Conduct regular awareness sessions to keep employees informed about the latest security threats and compliance updates.

Documentation and Reporting:

  • Create and maintain detailed documentation for compliance activities, risk assessments, and security controls.
  • Develop and maintain comprehensive documentation for IT governance, risk management, and PCI compliance activities.
  • Prepare comprehensive reports on compliance status, risk management activities, and security incidents for senior management and regulatory bodies.
  • Maintain records of compliance audits, risk assessments, and security incident responses.

Qualifications

  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
  • Minimum of 5 years of experience in IT compliance, Data Governance, risk management, and technical security, with a strong focus on PCI DSS.
  • In-depth knowledge of PCI DSS requirements, IT security frameworks, and standards such as ISO 27001 and NIST.
  • Proven experience in conducting security assessments, managing risk mitigation plans, and implementing technical security controls.
  • Strong analytical, problem-solving, and decision-making skills.
  • Excellent communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
  • Relevant certifications, such as CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), or PCI QSA (Qualified Security Assessor), are highly desirable.

Additional Information:

  • Ability to work in a fast-paced, dynamic environment with minimal supervision.
  • Occasional travel may be required for training and industry events.

Omni Hotels & Resorts is an equal opportunity employer - vets / disability.

30+ days ago