Share this Job

Director of Information Security Governance, Risk & Compliance

Date: May 25, 2019

Location: Broomfield, CO, US

Company: Vail Resorts

Reach Your Peak at Vail Resorts. You're someone who pushes boundaries and challenges the status quo. You're brave, ambitious and passionate in everything you do. And we want you on our team. Pursue your fullest potential and never settle in the quest to deliver extraordinary guest service. Join one of the world's most innovative companies and re-imagine a mountain resort experience with us. Welcome to Vail Resorts. Reach Your Peak.

Welcome to Vail Resorts. Reach Your Peak.

Summary of Job:


As the Director of Information Security Governance, Risk, & Compliance (GRC) you will be responsible for partnering with IT & Business Leadership to develop, implement, maintain, and mature a strategic, risk-based roadmap for the GRC component of our Information Security, Risk, & Compliance program. The goal of this road map is to implement appropriate practices thereby protecting the organization and supporting our strategic objectives. This talented individual will work cross-functionally to develop guidelines and standards as well as educate and enable our employee base to ensure we meet our Information Security, Risk, & Compliance objectives. 


The Director’s day-to-day activities include implementation and maintenance of our Information Security GRC program, including but not limited to the following:

  • Governance (Policies/Procedures, Security Awareness, Education, Training, Program Oversight & Measurement, etc.)
  • Risk Management (Risk Assessment/Management, 3rd Party Risk, Security Testing, Project Support, DR/BCP, etc.)
  • Compliance (PCI, SOX, Policy Enforcement, Internal Audits, etc.)

The ideal candidate will have experience building, maintaining, and maturing effective GRC programs.


As a key addition to the Information Security Leadership Team, reporting to the Senior Director of Information Security, Risk, & Compliance, the Director of Information Security Governance, Risk, & Compliance will play a critical role in coordinating strategy, sustaining excellence and nurturing team culture and growth. This is a leadership role with regular interactions with our CIO as well as many different IT and Business Leaders


Essential Job Responsibilities 


  • Drive:  Develop and drive the ownership and accountability of Information Security Risk, and Compliance objectives and supporting IT initiatives.
    • Able to facilitate multi-disciplinary strategic discussions with senior business and technology leaders combined with strong, clear and concise communications skills
    • Provide leadership for a multi-disciplinary delivery team to ensure successful implementation of key initiatives across the consumer-facing web, mobile, mobile app and ecommerce application portfolio.
    • Provide project/program facilitation and oversight; facilitate agreement on objectives and success measures, provide overall project/program issue resolution and roadblock removal. 
    • Partner with Information Security, IT, & Business Leadership in execution of a roadmap that aligns with our Business Strategy.
  • Connect:  Inspire trust and build strong, authentic, productive relationships within the organization and with key stakeholders.  Effectively engage and collaborate with leadership across the organization to develop, define and build on innovative ideas and business priorities
    • Acts as a role model for developing and maintaining positive, collaborative relationships with all constituents including business and IT peers and leaders.
    • Engage broadly and deeply across the organization to quickly connect information and people to drive enterprise projects, programs and initiatives.
    • Partner with stakeholders to understand their drivers and needs, and use that knowledge and those relationships to drive effective prioritization and roadmaps for delivery.
  • Develop:   Create an environment of continual improvement both inside and outside of direct team.
    • Empower team members and develop talent through monitoring and evaluation of performance, alignment to corporate professional development program, and company growth.
    • Demonstrate the ability to learn and develop as a self-starter requiring little direction.  We are looking for someone who shows the potential to do more and is a natural leader.
    • Be a Producer of Talent with individuals on your team and across the organization.
  • Out Front: Anticipate the needs of key leadership and facilitate as well as motivate those around you to identify solutions that both improve the security of our environment and advance business objectives.
    • Maintain an external network to ensure our organization continuously analyzes new threats, trends, innovations, etc. and ensures we our strategy and priorities stay appropriately aligned.
    • Provides expert recommendations based on strong front-to-back understanding of existing digital capabilities and frameworks combined with a strong understanding of emerging technologies.
    • Be curious about our business and seek to understand our strategy, business practices, and projects.
  • Re-Imagine: Bring new ideas, methods, and approaches to Vail Resorts and this role.  Leverage own expertise to challenge the status quo and drive decisions and actions necessary to improve our business processes and related technology.
    • Evolve current GRC practices to better align with recent growth and ensure future scalability.
  • Passion: Demonstrate an unyielding passion for the employee experience, culture, mission and vision.  Lead by example and inspire others to follow.


Job Qualifications:


  • Bachelor’s degree in Business, Technology or related field
  • 10+ years of relevant work experience including proven ability to successfully lead and oversee critical projects and cross functional efforts
  • Strong working knowledge and understanding of key concepts in Information Security, Risk Management, and Compliance
  • Successful regular exposure to Director and VP levels within IT and the Business
  • Understanding of corporate Governance, Risk, and Compliance functions
  • Consistently demonstrated growth in their own skills & leadership.


Other Requirements:



  • Ability to drive strategy, vision, direction, and prioritization on enterprise wide projects and programs at the senior leadership level.
  • Can manage initiatives from concept through to completion, including the development and presentation of a business case.
  • Applies critical thinking to generate new thoughts and opportunities; has ability to collaborate and build on strategic and innovative thoughts/ideas.
  • Informed on industry standards and practices, and a forward thinker on new and innovative approaches.

Project Management:

  • Ability to socialize and manage a portfolio of projects in support of stated strategic objectives.
  • Manage operational business impacts as well as technical components of the program or project.
  • Provide vision and leadership regarding organizational design and resourcing of large, complex and undefined enterprise wide initiatives including all aspects of management from vision through execution.


  • Manage enterprise wide programs with complex financial models including internal and external stakeholders and complex contract negotiation.
  • Participate in the annual expense and capital budgeting processes & cycles for their areas.

Employee Management:

  • Ability to manage/oversee internal and contract resources.
  • Ability to produce talent on their team and across the organization

Vendor Management:

  • Provide leadership and guidance to external vendors.
  • Ability to work through vendor contract management issues.

We offer a variety of career opportunities at our world-class resorts and corporate headquarters near Boulder, Colorado in fields like Finance & Accounting, Human Resources, Information Technology, Legal, Public Affairs & Sustainability, Marketing, Sales & Communications and more. Our corporate team shares both a passion for the outdoors and a drive to re-imagine the mountain resort experience around the world. Learn more at
Vail Resorts is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status or any other status protected by applicable law.


Requisition ID 165844

Nearest Major Market: Denver