Carnival Corporation

Director, Maritime Cybersecurity Compliance

Apply
Job ID 4720 Date posted 09/23/2022 City Miami State FL Country United States Job Type Full Time

Job Description


JOB SUMMARY:

The Director of Maritime Cybersecurity Compliance is responsible for the overall management and procedure creation for global maritime cybersecurity compliance across Carnival Corporation.  Additionally, this role must ensure all Carnival Corporation vessels comply with cybersecurity International Safety Management (ISM) code, all flag and port state regulatory guidelines, IMO, Coast Guard, and BIMCO’s cyber requirements.  The Director of Cybersecurity Compliance will be responsible for creating, modifying, and editing cybersecurity procedures in the global Health, Environment, Safety, Security Management System (HESS MS) and ensuring compliance against these procedures.  This position is responsible for confirming that all global audits, recommendations, and self-reported non-conformities to cybersecurity procedures are responded to and adhered to in a timely manner.  Additionally, this position will create corrective and preventative action plans to guarantee ongoing compliance.  This individual will serve as the primary Maritime Cybersecurity liaison between identified Brand Cybersecurity contacts, shoreside Technical Operations teams, internal/external auditors, Information Technology Officers (ITOs), Shipboard Operation Teams and other key stakeholders as it relates to cyber audits. This position is required to stay apprised of all Cybersecurity ISM code updates to communicate and implement changes globally.  Additionally, this individual will assist with the completion of risk assessments and tabletop exercises in incident response drills, as well as the creation of effective recovery plans and cyber incident documentation.  This role will represent Maritime Cybersecurity at audit meetings.  This role entails developing a team of cybersecurity analysts, either through direct or an indirect matrix reporting, to ensure the cyber framework is followed and monitored.  Also, he/she is responsible for the performance of the team, and will need to recruit, train, coach, and develop the Maritime Cyber analysts. This position is responsible to follow all department budget and financial controls.               

ESSENTIAL FUNCTIONS

  • Develop and implement a comprehensive and global maritime cybersecurity compliance framework to achieve a strong compliance maturity model, ensuring that audit findings and non-conformities are responded to and adhered to in a timely manner.
  • Develop and maintain cybersecurity policies and procedures within GISCS and the global Health Environment Safety & Security Management System (HESS MS).
  • Conduct root cause analysis, create corrective action plans, preventative action plans, and procedural protection measures.
  • Develop training and deliver cyber threat awareness programs across all levels of both Shipboard and Shoreside Maritime teams (e.g., webinars, emails, digital signage).
  • Create executive dashboards to report KRI’s, KPI’s, audit findings, accomplishments and publish to senior management and key stakeholders. 
  • Respond to cyber incidents, develop action reports based on incident mitigation needs, and communicate findings to the various GISCS and compliance committees such as Information Security Steering and Audit Committees.
  • Complete risk assessments, identify recovery plans, and create cyber incident documentation.
  • Maintain knowledge of all industry regulations as it relates to Maritime cyber guidelines such as, but not limited to, CLIA, BIMCO, IMO, NIST, US Coast Guard, DHS, CISA, UK’s NCSC, MSC-FAL.1/Circ.3, etc.    

QUALIFICATIONS

  • Bachelor’s Degree Cybersecurity, IT Compliance, Audit, 
  • MBA and/or Advanced Computer Science Degree Preferred
  • ISM Code a significant Plus
  • CRISC or other Security Professional Certification highly preferred
  • 8+ years related experience executing compliance framework and audits. 
  • 8+ years information/cybersecurity experience. 
  • 8+ years technology project management with experience building process, controls, operating procedures, and guidelines. 
  • Proven experience in project leadership, communications at all levels within an organization, conflict resolution, planning, organization, and management
  • Proficient analytical skills, thorough and accurate, able to identify key issues, interpret information and present recommendations and conclusions.  Knowledge of International Safety Management (ISM) code and IT regulatory guidelines, previous experience doing security assessments
  • In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns.

About Us

In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns.

Carnival Corporation & plc is a global cruise company and one of the largest vacation companies in the world. Our portfolio of leading cruise brands includes Carnival Cruise Line, Holland America Line, Princess Cruises and Seabourn in North America; P&O Cruises, and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe; and P&O Cruises in Australia. Our employees have a responsibility to be accountable for all actions. We consider the environment in all aspects of our business and have a responsibility to put safety andsustainability first. We live and share a positive attitude which is based on fostering an environment of inclusion, trust, a willingness to listen, openness and integrity.

Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity/affirmative action employer. In this regard, it does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability or any other classification protected by applicable local, state, federal and/or international law.

Benefits as a member of Carnival's Team:
  • A comprehensive benefit program which includes medical, dental and vision plans
  • Additional programs include company paid term life insurance and disability coverage and a 401(k) plan that includes a company match
  • Employee Stock Purchase plan
  • Paid vacation and sick time
  • Cruise benefits
  • An on-site fully accredited preschool educational program located at our Doral campus
  • An on-site Wellness Center and Health clinic at our Doral campus
To view a copy of Carnival's FMLA, EEO and EPPA posters please visit: (click or copy and paste link into your browser).


Apply
Explore Our United States Location View Map

Sign Up For Job Alerts

UK users, please enter your number with the international code 44. (e.g. 447912345678)

Interested InEnter category and/or location, then click ADD. You must have at least one alert in the list below in order to subscribe.

BRAND*Select All Brands That Apply

By uploading your CV/resume you are not submitting an application for employment.

slider-image
slider-image
slider-image
slider-image
slider-image
slider-image
slider-image