Jobs at Alaska Airlines & Horizon Air

Job Information

Alaska Airlines Director Information Security in Seattle, Washington

Company Alaska Airlines

The Team

Guided by our purpose, core values, and leadership principles, we are creating an airline people love. Our corporate teams set the strategies and operational plans to ensure the success of our company. Whether we use our expertise in accounting, human resources, finance, planning, legal, marketing, or any of our operational divisions, our shared passion for travel and our guests is what motivates us to achieve excellence each day. If you share our passion for creating an airline people love, we want to hear from you.

Role Summary

The Director of Information Security Governance, Risk, and Compliance sets the long-term strategy and oversees all aspects of the governance, risk, and compliance programs that support the Alaska Air Group (AAG) Information Security department. As a people leader, this role establishes strategic goals and direction for a team of leaders and individual contributors that implement and operate these cyber security programs.

Key Duties

  • Establish strategic goals and direction for the team of program managers and analysts that support the cyber security programs. Set long-term strategy for cyber security governance, including policy development and management, standards adherence, and framework adoption.

  • Develop strategy for successfully managing compliance programs that ensure continuous adherence to all internal as well as external, regulatory requirements such as PCI, and SOX.

  • Develop people through effective performance management and ongoing feedback, focusing on fostering strategic and systems thinking, development of talent, and succession planning across teams and disciplines.

  • Shape culture of the team through action, presence, and reinforcement of behaviors.

  • Develop, implement and manage a strategic, comprehensive enterprise technology security and risk management program to ensure that information assets are secured.

  • Develop, maintain and publish up-to-date technology security policies, standards and guidelines.

  • Work with business units to facilitate IT risk assessment and risk management processes.

  • Create, communicate and manage a risk-based process for technology vendor risk management.

  • Own the communication plan, metrics (KPIs, OKRs), and mechanisms that share the current and evolving state of all cybersecurity programs. Participate in all efforts related to information security awareness training and effectiveness, including the definition of and tracking against security metrics.

  • Cultivate relationships with all critical stakeholders to ensure ongoing projects follow established security policies.

Job-Specific Experience, Education & Skills

Required

  • 8 years of experience in developing and operating cybersecurity programs.

  • 5 years of leadership experience, with at least 2 of those years directly leading people.

  • Bachelor’s degree with a focus in Cybersecurity, or an additional two years of relevant training/experience in lieu of this degree.

  • Strong knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX) and Payment Card Industry (PCI)/Data Security Standard (DSS)requirements.

  • Solid understanding of the OSI model, especially as it relates to all facets of information security.

  • Strong process, architectural and documentation skills, including experience with related tools (such as PowerPoint, Visio, etc.).

  • Exceptional leadership and interpersonal skills, including teamwork, facilitation, and negotiation.

  • Excellent written and verbal communication skills and the ability to clearly communicate security and risk-related concepts to technical and non-technical audiences required.

  • Flexible, adaptable, and able to manage multiple tasks in a dynamic, fast-paced environment.

  • High school diploma or equivalent.

  • Minimum age of 18.

  • Must be authorized to work in the U.S.

Preferred

  • CISSP and/or CISM certifications.

  • ITIL certification.

  • Broad technical knowledge of all security domains.

  • Knowledge of two-factor authentication systems and their various uses.

  • Knowledge of encryption technologies and methods, especially those dictated by PCI compliance guidelines.

  • Be capable of executing efficiently, meeting deadlines, and focusing on specific goals.

Job-Specific Leadership Expectations

  • Embody our values to own safety, do the right thing, be kind-hearted, deliver performance, and be remarkable.

  • Create a diverse and inclusive culture where all employees feel safe, included and they belong.

Total Rewards

Alaska Airlines and Horizon Air pay and benefits can vary by company, location, number of regularly scheduled hours worked, length of employment, and employment status.

  • Free stand-by travel privileges on Alaska Airlines & Horizon Air with high priority status

  • Select number of confirmed travel credits provided annually

  • Comprehensive well-being programs including medical, dental and vision benefits

  • Generous 401k match program

  • Quarterly and annual bonus plans

  • Generous holiday and paid time off

For more information about Alaska/Horizon Total Rewards please visit our career site and view benefits.

FLSA Status Exempt
Employment Type Full-Time
Regular/Temporary Regular
Location Seattle
Equal Employment Opportunity We are proud to be an Equal Employment Opportunity (EEO) and Affirmative Action (AA) employer that is committed to diversity, equity, and inclusion. We take affirmative action to ensure equal opportunity for all qualified applicants and employees and do not discriminate based upon race, color, religion, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disability status, genetic information (including family medical history), political views or activity, or other legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local law. We may use your information to maintain the safety and security of Alaska Airlines and Horizon Air, its employees, and others as required or permitted by law. People of color, women, LGBTQIA+, immigrants, veterans, and persons with disabilities are encouraged to apply.
Requisition Type Management
Job Locations USA-WA-Seattle
Requisition ID 2022-9443
Category Corporate & Operations

DirectEmployers