Posted 3w ago

Principal Information Security Risk and Compliance Specialist

@ Amadeus
San Jose, Costa Rica, Costa Rica
Hybrid, Full Time
Responsibilities: Risk management, Threat identification, Collaboration
Requirements Summary: Bachelor’s or Master’s degree; 5+ years IT risk, compliance, security controls; certifications CRISC, CISM, ISO 27001 Lead Implementer; experience with audits; multicultural collaboration.
Technical Tools Mentioned: Archer
Job Description

Job Title: Principal Information Security Risk & Compliance Specialist

Position type: Permanent, Hybrid Work Model

Location: San Jose, Costa Rica

About Your Business Area/Department:

The Hospitality Security Office (HSO) is a dynamic hub of security expertise, uniting three specialized teams to create an industry-leading security ecosystem:

  • Governance, Risk, and Compliance (GRC): Driving regulatory adherence and risk mitigation.

  • Secure Development Lifecycle (SDL): Embedding security throughout product engineering.

  • Security Assurance & Engineering (SAE): Ensuring resilient systems and robust defenses.

Together, these teams deliver a cohesive, forward-thinking security posture for the Hospitality Business Unit, strengthening resilience against evolving threats, data breaches, fraud, and cyber-attacks. The HSO is committed to ongoing improvement, safeguarding against both intentional and accidental risks.

Governance, Risk & Compliance Team Overview

The GRC team ensures the Hospitality Business Unit consistently meets regulatory requirements and industry-leading security standards. This group proactively implements new controls and requirements, positioning the business at the forefront of compliance and security.

Summary of the role:

As the Principal Information Security Risk & Compliance Specialist within the GRC team, you will report to the Director of GRC and spearhead strategic initiatives across Information Security, Governance, Risk, and Compliance. Serving as a senior subject matter expert, you will guide operational direction for information security risk management and play a pivotal role in shaping our risk posture.

In this role you’ll:

Key Responsibilities

  • Risk Management with Archer: Lead periodic risk assessments, define and drive remediation plans with risk owners and business stakeholders, analyze risk trends, and deliver insightful reporting.

  • Threat Identification: Conduct risk assessments to uncover potential threats and vulnerabilities across systems, data, and processes.

  • Collaboration: Partner with internal stakeholders to craft and implement robust risk mitigation strategies and actionable plans.

  • Expert Advisory: Serve as a trusted advisor to the Hospitality CISO and Director of GRC, leveraging your expertise in Risk Management.

  • Compliance Governance: Oversee Hospitality compliance programs, ensuring seamless alignment with industry regulations and standards relevant to the Hospitality portfolio.

  • Audit Excellence: Manage compliance audits, assessments, and certifications, collaborating with external auditors and representing the security function.

  • Strategic Alignment: Maintain synergy with Hospitality’s mission, the CISO vision, and central organizational guidance.

  • Governance Framework: Establish and sustain a comprehensive information security governance framework, seamlessly integrating risk management and compliance requirements.

  • Policy Communication: Ensure guidelines, policies, and procedures from the Governance Framework are effectively communicated and adopted throughout the Hospitality Business Unit.

About the ideal candidate:

  • Bachelor’s or Master’s degree from an accredited institution.

  • Highly valued certifications such as CRISC®, CISM, ISO 27001 Lead Implementer, or equivalent.

  • At least 5 years of experience in IT organizations, demonstrating mastery of IT risk frameworks, compliance management, security controls, and methodologies.

  • Proven track record in international and multicultural environments.

  • Experience collaborating with auditors and external regulatory bodies.

Ideal Candidate Profile

  • Outstanding organizational, communication, and problem-solving capabilities.

  • Exceptional interpersonal skills and deep understanding of regulatory guidelines and security policies.

  • Self-driven, eager to learn, and highly adaptable.

  • Creative, collaborative, and passionate about advancing information security.

  • Innovative, enthusiastic, and ready to make a global impact.

What we can offer you:

  • Get rewarded with competitive remuneration, individual and company annual bonus, vacation and holiday paid time off, health insurance and other competitive benefits.

  • Work hybrid at our Bogota office. 

  • Professional development to broaden your knowledge and enhance your skills with on-line learning hubs packed with technical and soft skills training that allow you to develop and grow.

  • Enter a diverse and inclusive workplace, join one of the world’s top travel technology companies and take on a role that impacts millions of travelers around the globe.

Application process: 

The application process takes no longer than 10 minutes!
Create your candidate profile, upload your Resume/CV and apply today!

Working at Amadeus, you will find:

🎯 A critical mission and purpose - At Amadeus, you will be powering the future of travel and pursuing a critical mission and extraordinary purpose.

🌎 A truly global DNA - Everything at Amadeus is global, from our people to our business, which translates into our footprint, processes, and culture.

🎓 Great opportunities to learn - Learning happens all the time and in many ways at Amadeus, through on-the-job training, formal learning activities, and day-to-day interactions with colleagues.

🤗 A caring environment - Amadeus fosters a caring environment, nurturing both a fulfilling career and personal and family life. We care about our employees and strive to provide a supportive work environment.

💰 A complete rewards offer - Amadeus provides attractive remuneration packages, covering all essential components of a competitive reward offer, including salary, bonus, equity, and benefits.

🌈 A diverse and inclusive community - We are committed to leveraging our uniquely diverse population to drive innovation, creativity, and collaboration across our organization.

📈 A Reliable Company - Trust and reliability are fundamental values that drive our actions and shape long-lasting relationships with our customers, partners, and employees.

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and serving as a role model for an inclusive employee experience.

Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.