Lead IT Portfolio and Vulnerability Management

Journey with us! Combine your career goals and sense of adventure by joining our exciting team of employees. Royal Caribbean Group is pleased to offer a competitive compensation and benefits package, and excellent career development opportunities, each offering unique ways to explore the world.

We are proud to be the vacation-industry leader with global brands — including Royal Caribbean International, Celebrity Cruises and Silversea Cruises — the most innovative fleet and private destinations, and the best people. Together, we are dedicated to turning the vacation of a lifetime into a lifetime of vacations for our guests.

The Royal Caribbean Group’s IT Team has an exciting career opportunity for a full time Lead IT Portfolio and Vulnerability Management reporting to the Senior Manager, IT Engineering & Operations.

The position is onsite and based in Miramar, Florida. 

The position is also not eligible for work authorization sponsorship.

Position Summary

The Lead IT Portfolio and Vulnerability Management role is responsible for overseeing the strategic direction, execution, and continuous improvement of the organization’s BAU portfolio, short term special projects, and unplanned project/remediation efforts, and vulnerability management initiatives. This position drives cross-functional collaboration to ensure the identification, assessment, and remediation of IT short term workloads, critical requests, and vulnerabilities across the enterprise, supporting Royal Caribbean Group’s commitment to secure and resilient technology environments.

Essential Duties and Responsibilities

• Leads the development and implementation of enterprise-wide vulnerability management strategies and frameworks.
• Coordinates vulnerability assessments, scans, and remediation activities across multiple business units and technology platforms.
• Partners with IT, security, and business stakeholders to prioritize and address critical vulnerabilities.
• Develops and maintains metrics, dashboards, and reporting to track vulnerability status and progress.
• Guides the adoption of best practices and innovative solutions for vulnerability detection and mitigation.
• Ensures compliance with regulatory requirements and internal security policies.
• Coordination and management of critical infrastructure operational gaps to bring closure and improvement in IO
• Management and coordination of key operations portfolio programs to align with standards, policies, and resources to transform to modern and efficient models
• Identify deficiencies and coordinate remediation plan for IO teams
• Coordination and direction of Vulnerability Management with Security, Operations, Product Owners and other stakeholders
• Provides subject matter expertise and mentorship to team members and stakeholders.
• Collaborates with external vendors and partners to enhance vulnerability management capabilities.
• Drives continuous improvement initiatives to strengthen the organization’s security posture.
• Communicates risk and remediation strategies to leadership in a clear and actionable manner.

Qualifications, Knowledge and Skills

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field required.
• Advanced degree or relevant certifications (e.g., CISSP, CISM, CEH, PMI) preferred.
• Minimum 5 years of experience in IT security, vulnerability management, or related discipline.
• Demonstrated experience leading vulnerability management programs in large, complex environments.
• Experience with vulnerability assessment tools, remediation processes, and risk management.
• 5+ years project management/portfolio management
• 5+ years in Information Technology
• Knowledge of ITIL and other frameworks
• Exposure to Systems Administration
• Exposure to Security Administration
• Understanding and knowledge of SDLC and Development practices
• Certification Desired: Project Management (PMI), Development
• Proficiency in vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7).
• Proficiency in project/portfolio management tools (e.g., WorkFront, MS Project, Jira, Tenable, Rapid7)
• Strong understanding of IT infrastructure, applications, and cloud environments.
• Knowledge of regulatory frameworks (e.g., PCI DSS, GDPR, SOX).
• Ability to analyze and interpret data and provide actionable recommendations.
• Strategic thinker with strong problem-solving skills.
• Effective communicator with ability to influence and collaborate across all levels.
• Demonstrated leadership in driving cross-functional initiatives.
• Commitment to continuous learning and professional development.

Agency and Third-Party Submissions: Please note this is a direct search by the Company, and applications through agencies and other third parties will not be accepted, nor will fees be paid for unsolicited resumes. Any unsolicited resumes will be considered the Company's property.

We know there's a lot to consider. As you go through the application process, our recruiters will be glad to provide guidance, and more relevant details to answer any additional questions. Thank you again for your interest in Royal Caribbean Group. We'll hope to see you onboard soon!

It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. Royal Caribbean Group and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.