Manager, Enterprise Security Architecture
Journey with us! Combine your career goals and sense of adventure by joining our incredible team of employees at Royal Caribbean Group. We are proud to offer a competitive compensation and benefits package, and excellent career development opportunities, each offering unique ways to explore the world.
We are proud to be the vacation-industry leader with global brands — including Royal Caribbean International, Celebrity Cruises and Silversea Cruises — the most innovative fleet and private destinations, and the best people. Together, we are dedicated to turning the vacation of a lifetime into a lifetime of vacations for our guests.
Royal Caribbean Group’s IT Architecture Team has an exciting career opportunity for a full time Manager, Enterprise Security Architecture, reporting to the AVP, Enterprise Architecture & Engineering.
Position Summary
The Manager, Enterprise Security Architecture must possess extensive knowledge of security architecture principles and best practices, including cloud and network security, data security, and security governance & compliance. The role requires collaboration across various teams and close cooperation with the Enterprise Security Team, Engineering Managers, Product Owners, and Enterprise Architects.
This position entails overseeing the security architecture and selecting the appropriate technology for systems and applications within the company's product portfolio. The ideal candidate should have a profound understanding of cybersecurity frameworks, risk management, cloud security, and compliance, particularly within the cruise line or hospitality industry. Responsibilities include preparing proposals, recommending solutions for approval, and reviewing technical designs to ensure adherence to top security architecture practices and alignment with the company's technological vision. Moreover, this role promotes, governs, and documents security architecture decisions across relevant programs.
As a technology leader within the organization, this person plays a crucial role in making security-related decisions, selections, and strategies at the enterprise level.
Essential Duties and Responsibilities
- Design and implement an extensive security architecture throughout the enterprise that aligns with business objectives and regulatory requirements, ensuring a robust and flexible security framework.
- Establish and implement security architecture policies, standards, and best practices throughout IT and operational technology environments, encompassing both onboard ship systems and corporate infrastructure.
- Lead security architecture initiatives for cloud computing (AWS, Azure, GCP), network security, data protection, and identity & access management to guard against emerging threats.
- Provide expert guidance on secure software development lifecycle (SDLC), ensuring security is embedded in all transformation projects, infrastructure deployments, and new technology integrations.
- Work with application and platform architects and development teams to establish and uphold secure coding practices, security design principles, and vulnerability mitigation strategies across the full stack of application layers, including web, mobile, API, backend, and AI components.
- Ensure adherence to global compliance frameworks such as GDPR, PCI-DSS, NIST, IMO, Maritime Cybersecurity Guidelines, and ISO 27001.
- Evaluate and mitigate security risks by conducting advanced threat modeling, vulnerability assessments, penetration testing, and continuous monitoring to protect systems against cyber threats.
- Work closely with IT, compliance, legal, operations, and business units to integrate security best practices into corporate and shipboard operations.
- Stay ahead of the cybersecurity landscape, evaluating new technologies such as AI-driven security analytics, zero-trust architectures, and blockchain-based identity management to enhance security capabilities.
- Documents and communicate security architecture decisions and strategies effectively.
- Present executive recommendations to facilitate technology product selections, buy vs build decision, and direction for strategic product roadmaps.
- Accountable for large/complex estimation activities, and quality of estimates, in collaboration with the product teams and peer architects.
- Performs other duties as required. This job description in no way states or implies that these are the only duties to be performed by the employee occupying this position. Employees will be required to perform any other job-related duties assigned by their supervisor or management.
Qualifications, Knowledge and Skills
- Bachelor’s or Master’s degree in Engineering, Computer Science, Information Technology, Math, or a related field.
- 10+ years of experience in information security, including 5+ years in a security architecture leadership role.
- Proven ability to design, develop, and implement secure, scalable, and robust system architectures aligned with business goals.
- Strong knowledge of enterprise architecture and security frameworks, including NIST, ISO 27001, and CIS.
- Hands-on experience with IAM solutions such as ForgeRock IAM and Symantec MFA, as well as threat modeling tools like IriusRisk.
- Proficient with Active Directory, Office 365, Symantec antivirus, MFA, firewalls, SIEM, IDS/IPS, endpoint protection, and encryption technologies.
- Experience with at least one major cloud platform (AWS, Azure, or GCP) and familiarity with cloud-native services and hybrid environments.
- Familiarity with maritime IT environments, including shipboard networks, satellite communications, and maritime cybersecurity regulations.
- Understanding of data privacy regulations such as GDPR, CCPA, and HIPAA.
- Strong communication skills with the ability to document and present architectural decisions to technical and business stakeholders.
- Experienced in working with senior leadership to define technology roadmaps and lead product-level solutioning.
- Proficient in software architecture, configurations, integration, and technical implementation of enterprise software products.
- Recognized as a technical expert across multiple products and a mentor to engineering teams on frameworks, tools, and integration patterns.
- Preferred certifications include CISSP, CCSP, or equivalent.
- Continuously tracks emerging technologies, architectural trends, and vendor solutions to evolve security practices.
We know there's a lot to consider. As you go through the application process, our recruiters will be glad to provide guidance, and more relevant details to answer any additional questions. Thank you again for your interest in Royal Caribbean Group. We'll hope to see you onboard soon!
It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. Royal Caribbean Group and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.
#LI-AS2
Nearest Major Market: Miami