Lead, IS Risk Assessments in Miami, FL at Royal Caribbean

Date Posted: 12/9/2019

Job Description

Lead, IS Risk Assessments


Great vacations begin with great employees!

Combine your experience and sense of adventure by joining our exciting team of employees in Miami, Florida. Royal Caribbean Cruises Ltd. is pleased to offer a competitive compensation & benefits package, and excellent career development opportunities, each offering unique ways to explore the world.



Position Summary:

  • Royal Caribbean Cruises, LTD. (RCCL) is in search of a Lead, IS Risk Assessments in the Information Security & Compliance team to supervise the evaluation and management of risk involving systems and applications.
  • The goal of the RCCL IS Risk Assessment program is to create and manage an automated, auditable, repeatable, and demonstrable program to manage information security risk to RCCL information assets.
  • This position assesses the risk of RCCL’s applications and systems using structured interview processes, questionnaires, and review of security, compliance, and data protection documentation.


Essential Duties and Responsibilities:

  • Supervise the IS risk assessment program intake, assessment, remediation, and risk treatment processes.
  • Collaborate with RCCL business sponsors, information technology (IT), and third parties (where applicable) to initiate, conduct, and complete risk assessments in a timely manner.
  • Analyze application and system controls, documentation, and settings to identify information security risks to RCCL.
  • Ensure potential information security and regulatory compliance risks (such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI-DSS), etc.) associated with systems and applications are examined thoroughly, documented, communicated, treated, and monitored.
  • Communicate IS risk assessment requirements related to applications and systems to business sponsors, IT, and third parties (where applicable), and facilitate the onboarding process.
  • Manage and assist in developing and onboarding IS risk assessment tools, templates, and associated processes to provide transparent reporting on activities and portfolio management.
  • Interact and collaborate with key personnel in various departments including, but not limited to, Procurement, IT, Legal, Crisis Management, Compliance and Ethics, Human Resources, Internal Audit, and Global Business Management.
  • Participate in established project management office (PMO) protocols to integrate IS risk assessment requirements (initiation, planning, analysis, design, build, test, deploy, closeout, etc.).
  • Perform other duties and responsibilities as assigned.


Financial Responsibilities

  • Ensures individual expenses and toolsets align with department budget and company policies, and are approved by direct manager.



  • Bachelor’s in IT / IS, Computer Science, or related discipline is preferred. Non-technical degrees with Computer Science fundamentals will be considered combined with technology experience.
  • At least one Information Security certification such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), etc. required.
  • 5 years of IT / IS Risk experience.
  • Demonstrated experience in performing audit / compliance assessments.
  • Experience with internal project consulting to provide compliance and security requirements and guidance.
  • Significant experience in SOX, PCI-DSS, Global Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA) and other regulatory compliance requirements and controls.
  • Superior written and verbal communication skills required.




Job Requirements

Knowledge and Skills:

  • Displays sound judgement with a high level of integrity, ethics, and ability to calmly, diplomatically, and effectively handle stressful situations.
  • Ability to formulate and communicate exceptions / findings and technical solutions.
  • Proven ability to collaborate with technical and business peers.
  • Demonstrate a degree of creativity with strong, analytical problem-solving skills.
  • Strong knowledge of methodologies, tools, best practices, and processes related to IS risk assessments.
  • Excellent verbal, presentation, and written communication skills for both technical and non-technical audiences.
  • High familiarity with ISO27001/2, NIST, FISMA, PCI-DSS, and other industry standards and frameworks.


Physical Demands: 

  • Ability to receive, express, or exchange detailed information through oral and written communication.
  • Ability to stand, walk, reach, bend, lift and carry up to 25 lbs. of weight (laptop, projector, suitcase, etc.).
  • Ability to be present in the office environment for at least 8 hours per day/40 hours per week.


Work Environment:

  • Fast-paced, fluid, open, and innovative work environment.
  • Requires flexibility and exceptional interpersonal relationship skills.
  • Requires up to 20% local travel to meet with internal and/or external RCCL business partners.
  • Requires up to 10% international travel to RCCL internal offices and/or RCCL ships.



Join our team as a Lead, IS Risk Assessments. Once you apply, it will take you 10-15 minutes to complete our application, which will help us better qualify your candidacy.


It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. RCL and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.


Join us at Royal Caribbean Cruises Ltd., where great vacations begin with great employees!


RCL is an Equal Employment Opportunity employer.