Travel Tech Essentialist Job Board

The Leading Platform for Travel Tech Careers and Talent. Jobs updated daily

Employers / Post a Job

Senior Director Tech Risk Operations

Booking.com

Booking.com

Sales & Business Development, Operations
Amsterdam, Netherlands
Posted on Thursday, June 6, 2024

Job Description

JOB DESCRIPTION FOR:

Senior Director Tech Risk Operations

About Booking.com

Established in 1996 in Amsterdam, Booking.com has grown from a small Dutch start-up to one of the largest ecommerce companies in the world. Booking.com is the largest business within Booking Holdings (NASDAQ: BKNG) and accounts for the vast majority of Booking Holdings’ total revenue. Booking Holdings is a leading Fortune 500 e-commerce conglomerate with a market cap of roughly $119,69 billion (2023). Booking.com currently employs approximately 13,000 employees in 140 offices in 70 countries worldwide.

With a mission to make it easier for everyone to experience the world, Booking.com invests in digital technology that helps take the friction out of travel. Booking.com connects travelers with the world’s largest selection of incredible places to stay, including everything from apartments, vacation homes, and family-run B&Bs to 5-star luxury resorts and even tree houses. The Booking.com website and mobile apps are available in over 44 languages, offer more than 28M total reported listings, and cover over 174,000 destinations in 229 countries worldwide. Offering 30 different types of places to stay, including homes, apartments, B&Bs, hostels, farm stays, bungalows, even boats, igloos, and treehouses. So whether travelling for business or leisure, customers can instantly book their ideal accommodation quickly and easily, without booking fees and backed up by its promise to price match. Via the customer experience team, customers can reach Booking.com 24/7 for assistance and support in over 44 languages, any time of the day or night.

At Booking.com, we are all involved in making hundreds of decisions every day. The decisions we make are a reflection of our Values - they reflect what is important to us, both as individuals and as an organisation.

When Values are made explicit, they provide clarity on what “good” looks like. And when they are shared, they build unity in a group. They build culture.

Think customer first. We obsess about adding value for our customers - guests, partners, colleagues - to make it easier for everyone to experience the world.

Own it. We deliver on our promises, make informed decisions and prioritize to get the important things done today.

Learn forever. We are resilient, take time to reflect, and seek to learn – from colleagues, from the outside world and from our failures.

Succeed together. We celebrate team success, through making connections, building trust and valuing the diverse perspectives of others.

Do the right thing. We get the right results the right way. For each other, our communities and the world around us.

Central Tech - Security

The Central Tech - Security, Safety, & Fraud department is looking to hire a Senior Director of Tech Risk Operations. This role is pivotal in shaping our security posture and communicating risks to leadership and board members. We are looking for a dynamic leader with a passion for security and risk management, ready to make a significant impact by taking into consideration today's evolving digital world. You will lead risk management efforts across multiple domains, including cybersecurity, physical security, fraud, and trust and safety. You will drive impactful initiatives while encouraging a collaborative and inclusive work environment.

Responsibilities:

Reporting to the Chief Security Officer you will shape our cybersecurity, safety, trust, and fraud risk management efforts. You will lead and develop a globally dispersed team of 100+ FTEs, and work with our Centers of Excellence in Romania and India.

This role is located in Amsterdam, The Netherlands.

You will be responsible for: Building a risk management system for security, safety, and fraud in order to demonstrate to the leadership and the board how we are leading risk at a corporate level. You will be taking a broad view to explain how we are identifying, leading and measuring risk across the Security, Safety, & Fraud subject areas.

  • Leadership in Security Risk Management: Lead efforts in safeguarding the organisation's digital and physical assets through robust risk management strategies.
  • Governance Risk & Compliance (GRC): You will have responsibility for GRC for Booking.com SS&F risk subject areas. This includes the process for creating, updating, and leading SS&F-related policies, standards, and guidelines; as well as providing the risk register for SS&F risks across the enterprise.
  • First Line of Defence: You will be responsible for the Business Information Security Officer (BISO) Program, including leading the BISOs directly, and creating and providing metrics to report to the respective BUs in order to ensure that the BU’s are leading the SS&F risks to their business. This will include projects that drive the culture of the organization to encourage security, safety, and compliance "by design," such as embedding security into their product lifecycle.
  • Strategic Vision: Work with SS&F to develop long-term strategy for the organization, and establish a process to identify budgetary and hiring needs based on the strategic goals, risks, and priorities. .
  • Framework Implementation and risk registers: You will also set up risk management system frameworks for Cybersecurity, Trust & Safety, Fraud, & Physical Security. Accountable for implementing and maintaining cohesive Information Security Management System (ISMS) and Risk Management System (RMS) frameworks. Drive consistent, repeatable, measurable risk identification, assessment, and mitigation processes. You will develop and maintain risk registers for cybersecurity, fraud, trust & safety, and global security & resilience.
  • Communication and Reporting: You will ensure open and timely reporting on risk posture to leadership and relevant collaborators, including contributing to Board and risk committee materials.
  • Business Partnership: You will collaborate with business leaders to communicate risks and develop remediation plans, ensuring alignment with risk management strategy. You will work with stakeholders across the company to embed risk management into business operations. You will quantify risks to prioritise projects and initiatives across Security, Safety & Fraud and business units.
  • Adaptability & Continuous improvement: You will respond and adjust to changing risk management regulatory requirements and emerging threats to maintain effective risk management practices. You will establish a resilient and repeatable and continuously improving risk management process.
  • Cross-functional Leadership & collaboration: You will lead cross-departmental projects and initiatives to strengthen security posture and ensure projects are delivered on time and within budget. Work closely with collaborators to align risk management strategies with business priorities and must-dos.

Ideal Experience & Skills:

  • Substantial years of experience in Cyber Security (preferred) or Fraud, with significant years leading high-performing, impactful teams
  • A dynamic leader with experience in risk management organisational change, influencing executives and or the board.
  • Experienced in cloud-based security solutions
  • An enthusiastic and persuasive leader who has driven successful risk management programs
  • A patient and relaxed leader who is skilled at translating technical risks to non-technical audiences
  • Direct, creative problem solver able to communicate concepts to a broader audience and create clarity.
  • Experience in driving security with engineering teams to embed this in ways of working.
  • Experience in collaborating with finance teams on finance based risk, using a data driven approach. (e.g quantify how much we have spent in a risk project vs how better prepared we are to face risks)
  • Connects disparate risks to create a clear overall risk picture
  • Confident leader, adept at handling conflicting priorities
  • A balanced background between creating and implementing strategy. Operational efficiency metrics.
  • Preferred certifications: CISM, CISSP, COSO ERM, or similar risk management certification
  • Organised with strong attention to detail and execution skills
  • Familiarity with risk frameworks: NIST, ERM GDPR, ISO 27001, NYDFS, etc.
  • Experience in matrix or federation environments

OTHER PERSONAL CHARACTERISTICS

  • Character traits: Respectful, high emotional intelligence, and collaborative work style. Comfortable with ambiguity, creating clarity.
  • Consensus-driven, achieving collaborative solutions
  • Integrity, independent thinking, and courage
  • Thrives in fast-paced, demanding environments
  • Open mind, learning demeanour, transparent behaviour, positive, multitasker, strong communicator, proactive and collaborative.
  • Strategic problem solver yet focused on execution; able to roll up sleeves to get things done.
  • Data driven, experimental, ready to learn and open to change.
  • Keep the customer at the centre of everything you do.
  • Good cultural and organisational sensitivity.
  • Committed to building a diverse, inclusive work environment.

Pre-Employment Screening:

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.