Company: Four Seasons Hotels

Location: Toronto, ON

Expected salary:

Job date: Fri, 20 Dec 2024 01:45:49 GMT

Job description: About Four Seasons:Four Seasons is powered by our people. We are a collective of individuals who crave to become better, to push ourselves to new heights and to treat each other as we wish to be treated in return. Our team members around the world create amazing experiences for our guests, residents, and partners through a commitment to luxury with genuine heart. We know that the best way to enable our people to deliver these exceptional guest experiences is through a world-class employee experience and company culture.At Four Seasons, we believe in recognizing a familiar face, welcoming a new one and treating everyone we meet the way we would want to be treated ourselves. Whether you work with us, stay with us, live with us or discover with us, we believe our purpose is to create impressions that will stay with you for a lifetime. It comes from our belief that life is richer when we truly connect to the people and the world around us.About the location: Four Seasons Hotels and Resorts is a global, luxury hotel management company. We manage over 120 hotels and resorts and 50 private residences in 47 countries around the world and growing. Central to Four Seasons employee experience and social impact programming is the company’s commitment to supporting cancer research, and the advancement of diversity, inclusion, equality and belonging at Four Seasons corporate offices and properties worldwide. At Four Seasons, we are powered by people and our culture enables everything we do.*This is a 12 Month Contract*The Business Information Security Manager will partner with stakeholders in the commercial team to ensure that technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against Four Seasons. They will lead or contribute to the completion of risk and control design assessments for Commercial applications as well as risk mitigation and remediation plans and remediation strategy. This role will require the candidate to have the ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization, and external partners. Overall, the successful candidate will act as an outspoken advocate for the importance of privacy and security by design and will insist on the inclusion of these principles early in any Commercial initiative.This role is based in Four Seasons Hotels and Resorts, Toronto Corporate Office, reporting to the Director, Global Information Security.Key ActivitiesCore ActivitiesGuide Commercial partners on a broad range of specific Technology Controls and Information Security programs, policies, and standards.Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats.Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for the Commercial team.Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.Adhere to, advise, oversee, monitor, and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.Influence behavior to reduce risk and foster a strong technology risk management culture throughout the Commercial team.Demonstrate ability to apply organization IT Security policies at a product and platform level.Participation and coordination activities for Security incidents related to Commercial technologies.Represents the IT Security leadership team at meetings and acts on behalf as requested.Program ManagementSupports Commercial team in planning stages of new initiatives to ensure “secure-by-design” principles are being considered and implemented.Collaborates with Enterprise Architecture and Global IT Security to confirm proposed solutions are compatible with Four Seasons IT standards and processes.Accountable for the understanding of business requirements, validating that solutions will meet internal security requirements prior to development or implementation.Partners with Commercial teams to complete business cases by providing relevant IT Security expertise.Aligns Commercial initiatives with Infrastructure and Security technology roadmaps.Monitors project risks related to IT Security, implement mitigation plans for associated risks.AdvocacyContribute to a compelling vision, clear direction and strategy for the Global IT Security and Commercial teams.Generate enthusiasm and understanding of the IT Security vision and how each discipline contributes to the achievement of that vision.Ensure appropriate processes are in place and executed to drive collaboration and alignment within the IT Security and Infrastructure organization.Stakeholder ManagementInteract and build relationships at all levels of the Commercial organization, including business partners and vendors.Work with Commercial teams globally to ensure compliance with Global IT Security processes, procedures, policies, standards, templates, and guidelines.Stay abreast with evolving information and technology risks, new regulations, laws and requirements for information risk, information security, cybersecurity, information protection and privacy across jurisdictions and overseeing company compliance with as required.Desired SkillsExcellent business acumen and experience managing relationships with fast paced, results driven Marketing professionalsAble to manage conflict, timeline misalignment and can elegantly advocate for the importance of compliance and operational governanceStrong negotiating, influencing and problem resolution skillsPassion for Information Security and Privacy disciplinesHighly critical and analytical dispositionHigh attention to detail and strong listening skillsAbility to work independently with minimal supervisionNatural curiosity and an ability to undertake creative explorationSelf-motivated, with critical attention to deadlines and reportingThe ability to manage tasks simultaneously and meet deadlines within a high energy, fast paced and evolving environmentThe ability to grasp and communicate technical issues to a variety of audiencesStrong advocate for an information risk cultureWell-rounded understanding of the information security risks generated by incorrectly deployed and configured applicationsExceptional communication skills and confidence to engage, challenge and/or make presentations with stakeholders who may have limited expert technical knowledgeExperience, Education and Professional QualificationsBachelor’s degree or equivalent business qualificationsInformation Security Certification or Accreditation an assetExperience working in an Agile business environmentStrong understanding of security best practices including NIST CSF, PCI DSS, and other leading control frameworks.Strong understanding of cloud operations and associated security capabilitiesExperience with Marketing and Commercial technologiesExperience participating in Digital initiatives with a strong predisposition to tying work effort to Objectives and Key Results (OKRs)Strong level of network, application, and other technical security controlsPreferred experience in a hospitality/service environmentThis role will be a Hybrid working model, which will require 2-3 days per week in the Four Seasons Corporate Office located at 1165 Leslie Street, Toronto, Ontario #LI-HybridFour Seasons is committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. If contacted for an employment opportunity, please advise Human Resources if you require accommodation.

Four Seasons is a luxury hotel management company that values its people and its commitment to providing exceptional guest experiences. The Business Information Security Manager role at Four Seasons involves guiding commercial partners on technology controls and information security, conducting risk assessments, and ensuring security measures are in place to prevent threats. The role also includes program management, advocacy for IT security, stakeholder management, and desired skills such as business acumen, negotiation, and problem resolution. The ideal candidate will have a Bachelor’s degree, information security certification, and experience in an agile business environment. This role will be a hybrid working model based in the Four Seasons Corporate Office in Toronto.