Corporate Office – Newton, MA, USA
5 days ago
Cybersecurity Compliance & Communications Lead (Hybrid Opportunity)

Job Description Summary

This role is responsible for supporting Information Technology Security Communications and Compliance. This includes security awareness, technology audit and compliance programs, IT policy development and management, as well as Sonesta’s privacy program and related activities.
Working independently across teams throughout the company, this role will assist in increasing the ongoing cultural change supporting a strong security posture. Compliance activities including PCI compliance and other IT audit support will be a key activity, as well as making sure Sonesta privacy functions operate smoothly.
This role must ensure compliance initiatives are completed in a timely manner. Working independently across teams, this role will manage the data collection and research to support internal and external audits, along with privacy processes and communications. Security Awareness training and feedback are vital tools used by this role to support cybersecurity goals across Sonesta.

This is a hybrid role: 3 days in our Newton office and 2 days remote.

Job Description

Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks.

Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work.

Create a metrics framework that can effectively measure human security requirements.

Perform privacy risk assessments and related compliance monitoring initiatives.

Oversee, direct, and deliver security privacy training and orientation to all employees.

Advise teams monitoring the use of PII so that it can be reviewed during audits.

Create a metrics framework that can effectively measure these requirements.

Assist and support the audit activities associated with IT general controls and serve as a liaison with internal audit, external audit, and IT contacts.

Support process owners with their control documentation, perform walkthroughs as required, and execute internal controls testing.

Collaborate with control and process owners to develop and implement corrective actions to address identified control deficiencies.

Assist and support the administration of corporate IT policies.

Evaluate existing policies to identify gaps and areas for improvement. Work with various stakeholders to ensure the policies are not only compliant with regulation, but that they are in line with the needs of the organization.

Provide periodic status reports as requested for areas of responsibility.

Skills and Qualifications

Required:

3-5 years of Security Communications and IT General Controls or relevant experience.

Strong documentation and organization skills.

Strong knowledge of Excel, Word, Office 365 SharePoint Sites and List creation and execution.

Assist with other assigned cybersecurity tasks and initiatives.

Excellent analytical and problem-solving skills.

Relationship building and team development skills.

Excellent communication and interpersonal skills.

Ability to communicate with and coordinate the activities of others.

Skilled at strategic planning and goal-setting.

Practical knowledge of different message distribution techniques, focusing on clear understanding by the target audience.

Understanding of the concepts of information risks and the different elements that make up risk.

Presentation skills.

Self-motivated, creative, flexible, and eager to initiate change.

Preferred but not required:

Working knowledge of learning management systems, privacy management systems, GRC systems, and/or human risk management platforms.

Working knowledge of SebDB (Security Behaviour Database) and the NIST Privacy Framework v1.0.

Any relevant certification or specialized training.

Marketing, public relations, or business management skills.

Bachelor’s degree in a relevant business or technical field.

Additional Job Information/Anticipated Pay Range

$130,0000 to $150,000. Base pay offer may vary depending on various factors, including but not limited to job related knowledge, skills and job specific/overall experience. 

Benefits

Sonesta recognizes that benefits play a vital role in helping ensure the health and financial security of employees and their families. We offer a variety of benefits to our employees including:

Medical, Dental and Vision Insurance

Health Savings Account with Company Match

401(k) Retirement Plan with Company Match

Paid Vacation and Sick Days

Sonesta Hotel Discounts

Educational Assistance

Paid Parental Leave

Company Paid Life Insurance

Company Paid Short Term and Long Term Disability Insurance

Various Employee Perks and Discounts

Hospital Indemnity

Critical Illness Insurance

Accident Insurance

Sonesta is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Upon submitting your application, please ensure you complete a full application in addition to attaching a resume. Incomplete applications received will not be considered. 
