Job Description

:
About Us
Booking Holdings India is a Center of Excellence based in Bangalore, India and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.
As part of our Booking Holdings India team, you will have the opportunity to be a part of the world's leading provider of online travel, with a mission of making it easier for everyone to experience the world through six-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK, OpenTable and Rentalcars.com.
Job Summary :
The IT Risk Officer- BHFS NIST Cyber Maturity is responsible for partnering with the BHFS within the Booking Holdings Group in the NIST CSF driven Cyber Security Maturity assessment process is established and implemented across the business units. The role involves a combination of Cyber Security domain controls review and expert level project management skills in day to day activities as part of implementing the Governance processes involving NIST CSF based framework creation, maturity assessments, recommendations management and reporting. The role works closely with stakeholders from multiple departments and business units and has the ability to zoom in and out of the details to ensure full understanding of the BHFS business processes and supporting technology.
The IT Risk Officer - BHFS NIST Cyber Maturity role requires solid stakeholder management skills, and to be comfortable with Control owners to come up with robust, scalable solutions which mitigate key risks identified as part of Cyber Security Maturity assessments while enabling successful and thriving business operations.
Responsibilities :
Work as a liaison between BHFS CISOs and Booking security teams as part of Booking risk governance team.
Lead the Governance processes involving BHFS NIST CSF based framework creation, assessments, recommendations management and reporting.
Build and manage BHFS Cyber Security Framework on the basis of NIST CSF and customize it to match the line of business scope and nature of operations.
Perform and lead annual or biennial Cyber Maturity assessments across BFHS in line with Booking.com and BHI Cyber Security Maturity processes and annual schedule.
Lead post assessment activities like report creation, working with control owners for alignment on ownership, scoring, recommendations and alignment with business and security leaders like BHFS CISOs across multiple geographies that include Ireland, USA, EEA and Amsterdam.
Central point of contact for e BHFS NIST CSF Cyber Maturity Assessments and support the BHFS internal teams and stakeholders.
Manage recommendations from BHFS Cyber Maturity Assessments by working closely and collaboratively with control owners, BU leaders and BHFS CISOs/ BISOs by understanding the control context and helping them understand the control outcomes and criteria of success.
Provide advisory as SME to BHFS strategic programs.
Demonstrate expert level project management and stakeholder management skills by coordinating and collaborating with stakeholders like Programs managers, Booking security and technology leadership, BHFS CISOs, NIST Controls owners, SMEs and local leadership.
Qualifications :
Bachelor Degree
Broad Job Knowledge with relevant years of experience in industry (non-consulting / non auditing) , preferably in FinTech business
Work experience in business analysis, auditing, corporate governance, risk management or internal controls
Experience in different risk and cybersecurity related domains including familiarity with NIST and other industry-standard frameworks such as SOX, PCI-DSS with advanced knowledge of IT and or Cyber controls in payments environment
Ability to develop solid relationships with business partners in order to drive the adoption of the risk management culture
Thorough technical understanding of internal control requirements and design and experience in applying them in various businesses
Able to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time
Be able to work in flexi hours covering Amsterdam, India, Ireland and USA time zones.
Be flexible and agile in response to the change in business, change in stakeholder expectations and/or change in regulatory/operating environment
Strong independent contributor, while still a strong team player
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Skills Required