Manager Sr., Cybersecurity Risk

The Senior Manager, Cybersecurity Risk is responsible for implementing, executing, and maturing the Cybersecurity Risk program by overseeing the identification, assessment, and treatment of cybersecurity risks and evaluating and monitoring the overall security risk profile across Carnival Corp and the Operating Lines. This role involves developing risk management strategies, implementing controls, and supporting the organization in adhering to industry best practices, standards and relevant regulations. The Senior Manager will work closely with the Global Cybersecurity (GCS) team, IT, Legal, Compliance, Audit, and business leaders to safeguard corporate assets, influence risk-based decision-making and maintain a strong security posture in a complex, highly regulated environment. The ideal candidate will have advanced expertise in cybersecurity risk management, strong analytical and strategic skills, and experience working in complex, cross-functional, and globally distributed environments. This program and role will act as a catalyst for driving the business in achieving its objectives through the enablement of risk-based decisioning and activities that prevent or mitigate the impact of cybersecurity risk manifestation. He / She will support the VP, Global Strategy & Governance in developing the cybersecurity risk strategy and providing cyber risk management oversight; supporting the GCS team in the development and enhancement of security policies, relevant standards, and key cybersecurity technology. The scope of this position is global in nature and will work collaboratively across Carnivals brands and operating companies to facilitate enterprise cybersecurity risk management, control, and reporting in conjunction with business stakeholders.

Essential Functions

• Execute, mature, and optimize the cybersecurity risk management program and processes, including risk identification, assessment, treatment, and reporting.
• Lead and conduct macro and micro cyber risk assessments and threat modeling for systems, processes, and projects to identify risks and recommend mitigation strategies.
• Maintain a comprehensive risk register and oversee risk treatment plans with clear accountability and timelines, including reporting and escalations as appropriate. Develop strategies and action plans to drive security maturity improvement in areas where controls do not adequately mitigate risks.
• Partner with business and IT stakeholders to integrate risk management into strategic planning and operational processes. Partner with Global Security Architecture & Engineering, Global Threat Intelligence & Readiness, and Compliance Assurance teams, to develop risk mitigation strategies, solutions, and recommendations to reduce components, systems, or enterprise cybersecurity risk.
• Develop and report key risk indicators (KRIs) and metrics to executive leadership and governance committees. Establish annual and long-term goals, defining risk and strategies, metrics, and reporting mechanisms.
• Partner with IT, operating lines, Governance and Compliance to facilitate alignment with regulatory requirements (e.g., SOX, PCI-DSS, SOC, NIST, ISO 27001, GDPR, CPRA, etc.).
• Communicate risk findings and recommendations to senior management and stakeholders through reports and presentations. Provide briefings to leadership and advise of critical risks and issues that may affect business or enterprise cybersecurity objectives.
• Champion a risk-aware culture through training, awareness campaigns, and stakeholder engagement. Serve as a risk subject-matter-expert.
• Identify, engage, coach and broker appropriate talent to ensure highest performance of Risk function. Set teams goals and coach the team members to maximize effectiveness and business value through establishing standards and expectations of excellence, facilitating professional development, and motivational techniques.
• Stay current with the evolving threat landscape and emerging risk management frameworks and technologies.
• Performs other duties as assigned.

Qualifications

Knowledge, Skills, and Abilities

Physical Demands

Must be able to remain in a stationary position at a desk and / or computer for extended periods of time.

Travel

No or very little travel likely

Work Conditions

Work primarily in a climate-controlled environment with minimal safety / health hazard potential.

This position is classified as in-office. As an in-office role, it requires employees to work from a designated Carnival office in South Florida Tuesday through Thursday each week. Employees may work from their homes on Mondays and Fridays. Candidates must be located in (or willing to relocate to) the Miami / Ft. Lauderdale area.

Offers to selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.

Rewards and Benefits

At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnivals discretionary equity incentive plan. Carnival provides comprehensive and innovative benefits to meet your needs, including :

Cost-effective medical, dental and vision plans

401(k) plan with company match

Holidays All full-time and part-time with benefits employees receive days off for 8 company-wide holidays, plus 2 additional floating holidays

Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends

#LI-Hybrid

#Corp

#LI-SH1

About Us

Carnival Corporation & plc is the worlds largest leisure travel company, our mission is to deliver unforgettable happiness to our guests through our diverse portfolio of leading cruise brands and island destinations.

Join us and embark on a career that offers not only the chance to grow professionally but also the opportunity to be part of a global community that makes a difference.

In addition to other duties / functions, this position requires full commitment and support for promoting ethical and compliant culture. This position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when misconduct is observed or concerns arise.

Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity / affirmative action employer. It does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability, or any other classification protected by applicable local, state, federal, and / or international law.

#J-18808-Ljbffr