Royal Caribbean Group
Manager Enterprise Security Architecture
Royal Caribbean Group, Florida, New York, United States
Manager Enterprise Security Architecture
Royal Caribbean Group’s IT Architecture Team has an exciting career opportunity for a full time Manager, Enterprise Security Architecture, reporting to the AVP, Enterprise Architecture & Engineering. The Manager, Enterprise Security Architecture must possess extensive knowledge of security architecture principles and best practices, including cloud and network security, data security, and security governance & compliance. The role requires collaboration across various teams and close cooperation with the Enterprise Security Team, Engineering Managers, Product Owners, and Enterprise Architects. This position entails overseeing the security architecture and selecting the appropriate technology for systems and applications within the company's product portfolio. The ideal candidate should have a profound understanding of cybersecurity frameworks, risk management, cloud security, and compliance, particularly within the cruise line or hospitality industry. Essential Duties and Responsibilities Design and implement an extensive security architecture throughout the enterprise that aligns with business objectives and regulatory requirements, ensuring a robust and flexible security framework. Establish and implement security architecture policies, standards, and best practices throughout IT and operational technology environments, encompassing both onboard ship systems and corporate infrastructure. Lead security architecture initiatives for cloud computing (AWS, Azure, GCP), network security, data protection, and identity & access management to guard against emerging threats. Provide expert guidance on secure software development lifecycle (SDLC), ensuring security is embedded in all transformation projects, infrastructure deployments, and new technology integrations. Work with application and platform architects and development teams to establish and uphold secure coding practices, security design principles, and vulnerability mitigation strategies across the full stack of application layers, including web, mobile, API, backend, and AI components. Ensure adherence to global compliance frameworks such as GDPR, PCI-DSS, NIST, IMO, Maritime Cybersecurity Guidelines, and ISO 27001. Evaluate and mitigate security risks by conducting advanced threat modeling, vulnerability assessments, penetration testing, and continuous monitoring to protect systems against cyber threats. Work closely with IT, compliance, legal, operations, and business units to integrate security best practices into corporate and shipboard operations. Stay ahead of the cybersecurity landscape, evaluating new technologies such as AI-driven security analytics, zero-trust architectures, and blockchain-based identity management to enhance security capabilities. Documents and communicate security architecture decisions and strategies effectively. Present executive recommendations to facilitate technology product selections, buy vs build decision, and direction for strategic product roadmaps. Accountable for large/complex estimation activities, and quality of estimates, in collaboration with the product teams and peer architects. Performs other duties as required. Qualifications, Knowledge and Skills Bachelor’s or Master’s degree in Engineering, Computer Science, Information Technology, Math, or a related field. 10+ years of experience in information security, including 5+ years in a security architecture leadership role. Proven ability to design, develop, and implement secure, scalable, and robust system architectures aligned with business goals. Strong knowledge of enterprise architecture and security frameworks, including NIST, ISO 27001, and CIS. Hands-on experience with IAM solutions such as ForgeRock IAM and Symantec MFA, as well as threat modeling tools like IriusRisk. Proficient with Active Directory, Office 365, Symantec antivirus, MFA, firewalls, SIEM, IDS/IPS, endpoint protection, and encryption technologies. Experience with at least one major cloud platform (AWS, Azure, or GCP) and familiarity with cloud-native services and hybrid environments. Familiarity with maritime IT environments, including shipboard networks, satellite communications, and maritime cybersecurity regulations. Understanding of data privacy regulations such as GDPR, CCPA, and HIPAA. Strong communication skills with the ability to document and present architectural decisions to technical and business stakeholders. Experienced in working with senior leadership to define technology roadmaps and lead product-level solutioning. Proficient in software architecture, configurations, integration, and technical implementation of enterprise software products. Recognized as a technical expert across multiple products and a mentor to engineering teams on frameworks, tools, and integration patterns. Preferred certifications include CISSP, CCSP, or equivalent. Continuously tracks emerging technologies, architectural trends, and vendor solutions to evolve security practices. Royal Caribbean Group is an equal employment opportunity employer and prohibits discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law.
#J-18808-Ljbffr
Royal Caribbean Group’s IT Architecture Team has an exciting career opportunity for a full time Manager, Enterprise Security Architecture, reporting to the AVP, Enterprise Architecture & Engineering. The Manager, Enterprise Security Architecture must possess extensive knowledge of security architecture principles and best practices, including cloud and network security, data security, and security governance & compliance. The role requires collaboration across various teams and close cooperation with the Enterprise Security Team, Engineering Managers, Product Owners, and Enterprise Architects. This position entails overseeing the security architecture and selecting the appropriate technology for systems and applications within the company's product portfolio. The ideal candidate should have a profound understanding of cybersecurity frameworks, risk management, cloud security, and compliance, particularly within the cruise line or hospitality industry. Essential Duties and Responsibilities Design and implement an extensive security architecture throughout the enterprise that aligns with business objectives and regulatory requirements, ensuring a robust and flexible security framework. Establish and implement security architecture policies, standards, and best practices throughout IT and operational technology environments, encompassing both onboard ship systems and corporate infrastructure. Lead security architecture initiatives for cloud computing (AWS, Azure, GCP), network security, data protection, and identity & access management to guard against emerging threats. Provide expert guidance on secure software development lifecycle (SDLC), ensuring security is embedded in all transformation projects, infrastructure deployments, and new technology integrations. Work with application and platform architects and development teams to establish and uphold secure coding practices, security design principles, and vulnerability mitigation strategies across the full stack of application layers, including web, mobile, API, backend, and AI components. Ensure adherence to global compliance frameworks such as GDPR, PCI-DSS, NIST, IMO, Maritime Cybersecurity Guidelines, and ISO 27001. Evaluate and mitigate security risks by conducting advanced threat modeling, vulnerability assessments, penetration testing, and continuous monitoring to protect systems against cyber threats. Work closely with IT, compliance, legal, operations, and business units to integrate security best practices into corporate and shipboard operations. Stay ahead of the cybersecurity landscape, evaluating new technologies such as AI-driven security analytics, zero-trust architectures, and blockchain-based identity management to enhance security capabilities. Documents and communicate security architecture decisions and strategies effectively. Present executive recommendations to facilitate technology product selections, buy vs build decision, and direction for strategic product roadmaps. Accountable for large/complex estimation activities, and quality of estimates, in collaboration with the product teams and peer architects. Performs other duties as required. Qualifications, Knowledge and Skills Bachelor’s or Master’s degree in Engineering, Computer Science, Information Technology, Math, or a related field. 10+ years of experience in information security, including 5+ years in a security architecture leadership role. Proven ability to design, develop, and implement secure, scalable, and robust system architectures aligned with business goals. Strong knowledge of enterprise architecture and security frameworks, including NIST, ISO 27001, and CIS. Hands-on experience with IAM solutions such as ForgeRock IAM and Symantec MFA, as well as threat modeling tools like IriusRisk. Proficient with Active Directory, Office 365, Symantec antivirus, MFA, firewalls, SIEM, IDS/IPS, endpoint protection, and encryption technologies. Experience with at least one major cloud platform (AWS, Azure, or GCP) and familiarity with cloud-native services and hybrid environments. Familiarity with maritime IT environments, including shipboard networks, satellite communications, and maritime cybersecurity regulations. Understanding of data privacy regulations such as GDPR, CCPA, and HIPAA. Strong communication skills with the ability to document and present architectural decisions to technical and business stakeholders. Experienced in working with senior leadership to define technology roadmaps and lead product-level solutioning. Proficient in software architecture, configurations, integration, and technical implementation of enterprise software products. Recognized as a technical expert across multiple products and a mentor to engineering teams on frameworks, tools, and integration patterns. Preferred certifications include CISSP, CCSP, or equivalent. Continuously tracks emerging technologies, architectural trends, and vendor solutions to evolve security practices. Royal Caribbean Group is an equal employment opportunity employer and prohibits discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law.
#J-18808-Ljbffr