Director of Cybersecurity

Director of Cybersecurity

We love what we do and what we do is important! We believe that everyone should leave feeling better - this means not just our guests, but also our teammates. Everyone should go home feeling better because they learned something new or had fun working that day. Therefore, we hire unique individuals who work together to create amazing experiences for our guests. We recognize that every member of the team contributes to the success of the whole hotel. No-one is more important than anyone else, and unless we are in it together, we can't create that special experience for our guests.

Your mission:

Should you decide to accept it... The Director of Cybersecurity oversees the secure implementation and maintenance for the Virgin Hotel Collection’s IT Cybersecurity needs, ensuring its reliability, performance, and compliance. This role involves managing assets, security protocols, and security operations needs while also ensuring compliance with relevant regulations and industry standards.

This role will play an important part in guiding the deployment and oversight of security technologies for Virgin Hotels Collection. They will continue to work with and guide the business to ensure they remain compliant with industry standards, best practices, and security protocols as needed. This will be done by performing property visits, assisting with property budgets (P&L and Capital) and working with the home offices regarding new capabilities and security needs being introduced into the business.

The Nitty-Gritty:

What exactly you will be doing...

• Develop and execute multi-year cybersecurity strategies and roadmaps aligned with business objectives.
• Manage, mentor, and maintain the security team, including internal teammates and MSPs.
• Lead major crisis management efforts, from investigating breaches to implementing long-term recovery solutions.
• Ensure adherence to regulatory frameworks like PCI-DSS, ISO 27001, GDPR, HIPAA, and industry best practices.
• Oversee vulnerability audits, penetration testing, and third-party risk assessments.
• Prepare and manage the cybersecurity budget, justifying capital and operational expenses to executive leadership.
• Manage security operations, including incident response, vulnerability management, and threat detection.
• Implement Operational policies and procedures, ensuring they are aligned with industry best practices and regulatory requirements.
• Manage relationships with IT Security vendors, ensuring they adhere to requirements and provide timely support.
• Monitor the performance of IT infrastructure and security systems, identifying areas for optimization and improvement.

This role reports to the Vice President of Information Technology, Support and Infrastructure.

What qualities are we looking for?

You’ve got skills? If you can perform the following, then you have come to the right place...

• Great team player with the ability to create excellent working relationships across the group
• Ability to break down barriers and resolving potential conflicts swiftly and effortlessly
• Strong communication and presentation skills to all levels of management
• Creativity and innovation are essential!
• Ability to multi-task between operational support, problem solving and enhancement/implementation projects
• Ability to think outside the box and approach all issues with a completely fresh approach
• Ability to anticipate needs and over deliver wherever possible
• Enjoy process improvement
• Evoke inspiration in those around you and encourage them to create their best work
• Unwavering integrity and endless work ethic
• Appreciate constructive feedback, as well as graciously providing the same
• Tenacious and self-motivated
• Self-starter, organized, independent, open

Background must-have:

• Current, legal and unrestricted ability to work in either the United States or the United Kingdom, depending on location.
• The role is open to U.S.-based remote candidates, with a preference for Miami-based talent. Our Miami corporate office, located in Coconut Grove, operates on a hybrid work model. We will also consider candidates based in London, home to our other corporate office.
• Deep understanding of network security, cloud architecture (AWS/Azure/GCP), SIEM, EDR, and zero-trust models is a must.
• 5–10 years of progressive technology experience, with at least 3 years in a leadership or management role required.
• University degree in Information Technology or, an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job is preferred.
• Certifications: Industry-recognized credentials such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA is preferred.
• Experience in Hospitality IT Operations, Infrastructure and Security is strongly preferred.
• Knowledge of on-property hospitality technologies and how they interact with each other is preferred.
• Knowledge of desktop computing environment in a hotel and/or resort is preferred.
• Knowledge of hotel networking environment is preferred.
• Ability to travel domestically and internationally up to 10%.
• Willingness to work evenings, weekends, and holidays, as needed.

Key skills/competency

• Cybersecurity Strategy
• Incident Response
• Vulnerability Management
• Regulatory Compliance (PCI-DSS, GDPR)
• Cloud Security (AWS, Azure, GCP)
• Security Operations
• Risk Assessment
• Team Leadership
• Vendor Management
• Network Security