Managing Director, Information Security and Enterprise Architecture (CISO)

Managing Director, Information Security And Enterprise Architecture

BWH® Hotels is seeking a strategic and decisive Managing Director, Information Security and Enterprise Architecture to lead the enterprise cybersecurity, data protection, identity and access management (IAM), and enterprise architecture functions. This role acts as the Chief Information Security Officer (CISO) and is accountable for protecting Company and guest data, managing cyber risk, and establishing a coherent, scalable technology architecture that enables the business to operate securely and efficiently at scale.

The Managing Director defines and executes the cybersecurity, data governance and enterprise architecture strategy, leads response to security incidents, and oversees platform engineering, DevSecOps, IAM, cloud enablement, and the Enterprise Architecture Center of Excellence (CoE). The role partners closely with executive leadership to balance risk, speed, innovation, and architectural integrity. Cybersecurity and information risk reporting to the Board of Directors, Chief Executive Officer, and senior leadership is provided in partnership with the Chief Technology Officer, supporting executive decision‑making related to cyber posture, architectural direction, incidents, and investment priorities.

Key Responsibilities

Cybersecurity Governance & Risk Leadership

• Define and own the enterprise cybersecurity and information risk strategy and data governance.
• Set and enforce cybersecurity policies, standards, and risk tolerances aligned to business objectives.
• Establish and lead cybersecurity governance forums, executive risk reviews, and steering committees.
• Provide executive‑ready reporting on cybersecurity posture, emerging risks, and material incidents.
• Hold authority to require risk mitigation actions, and to escalate or halt technology implementations or production changes that exceed the approved cybersecurity risk appetite.

Architecture Leadership

• Lead the Architecture & Platform Engineering function, including Enterprise Architecture, Platform Engineering, DevSecOps, IAM, and Cloud Enablement.
• Establish and mature an Enterprise Architecture Center of Excellence (CoE) to define enterprise‑wide technology standards, reference architectures, and architectural guardrails.
• Ensure enterprise architecture provides clear direction while enabling domain‑owned solution architecture across customer‑facing, foundational, and product technology domains.
• Drive alignment across platforms, cloud services, integration patterns, and shared services to reduce complexity and improve scalability, resilience, and security.
• Partner across technology leaders to ensure architectural consistency and sound engineering and security practices across the technology landscape.

Cybersecurity, IAM and Data Strategy

• Define and execute a multi‑year cybersecurity, IAM, data protection, and enterprise architecture roadmap aligned with business priorities.
• Own enterprise Identity and Access Management (IAM) strategy and governance across workforce, customer, and partner populations, including lifecycle controls, authentication standards, and oversight of IAM platforms.
• Own the enterprise data protection and data governance framework, including data classification standards and protection requirements, in partnership with Legal leadership.
• Enable secure and well‑architected adoption of cloud platforms, digital solutions, and third‑party services.

Organization and People Leadership

• Build, lead, and retain a high‑performing cybersecurity, architecture, platform, and identity organization.
• Develop leadership depth, succession planning, and ongoing professional development across security and engineering disciplines.
• Own cybersecurity, IAM, architecture, and platform investment strategy, including prioritization and roadmap alignment.
• Manage vendor relationships and guide security, platform, and architecture technology strategy.

Control Frameworks and Metrics

• Adopt and operationalize appropriate cybersecurity and architecture frameworks based on organizational needs and regulatory requirements.
• Maintain clear standards for information ownership, classification, accountability, architectural compliance, and protection.
• Define and report measurable cybersecurity posture, architectural health, technical debt, and risk metrics to executive leadership.

Security Operations & Incident Response

• Lead enterprise detection, response, and recovery for cybersecurity incidents.
• Serve as the primary security executive interface with regulators, law enforcement, insurers, and external advisors during incidents.
• Ensure security and architectural controls are embedded into technology delivery, engineering, and operations by design.
• Monitor the threat landscape and drive proactive risk reduction initiatives.
• Ensure resilience, recoverability, and reliability of business‑critical services and platforms.

Success Metrics

• Risk Reduction: Measurable improvement in cybersecurity control maturity and reduction in high‑risk exposures.
• Architectural Health: Reduction in unnecessary complexity and technical debt; increased reuse of shared platforms and services.
• Incident Readiness: Effective, timely response to security incidents with minimal business impact.
• Identity and Access Hygiene: Improved access governance, MFA adoption, and lifecycle control effectiveness.
• Platform Enablement: Improved delivery speed, reliability, and consistency enabled by strong platform and cloud foundations.
• Operational Confidence: Executive and stakeholder confidence in cybersecurity posture and architectural direction.
• Team and Capability Growth: Development of strong, scalable security, architecture, and engineering leadership teams.

Preferred Experience and Education

• 15+ years of experience leading cybersecurity, enterprise architecture, platform, or technology organizations at enterprise scale.
• Demonstrated success managing enterprise cybersecurity incidents and driving large‑scale architectural transformation.
• Strong executive communication skills and ability to translate technical risk and architectural tradeoffs into business context.
• Bachelor's Degree in Computer Science, Business Administration, or related field, or equivalent experience. MBA preferred.
• Relevant credentials such as CISSP, CISM, CISA, CRISC, or enterprise architecture certifications are desirable.

Work Location and Schedule

• This position requires an onsite presence three to five days per week at our Global Operations Center. The office address is 20400 N 29th Avenue, Phoenix, Arizona 85027.

This position is not eligible for immigration sponsorship.

Benefits Summary for Full-Time Employees

• Medical/Dental/Vision available day one
• Vacation/Sick- accruals start day one
• Paid company holidays and personal holidays to celebrate what's important to you
• 401K - company contribution and match (U.S.)
• Registered Retirement Savings Plan (RRSP) – company contribution and match (Canada)
• Employee discounts/hotel discounts
• Free financial and health wellness programs
• Tuition Reimbursement

Equal Employment Opportunity

BWH Hotels (the "Company") maintains a policy of equal employment opportunity for all employees and qualified applicants for employment without regard to race (including hair textures and hair styles associated with race), color or pigmentation, religion, religious creed (including religious dress and grooming practices), national origin, ancestry, alienage or citizenship status, caste, age, disability, gender, gender identity or expression, sex, sexual orientation, LGBTQIA+ individuals, height, weight, pregnancy status, childbirth or related medical conditions, genetic information, uniformed service or veteran status, marital status, or any other characteristic protected by applicable federal, state, provincial, or local laws. The Company's equal employment opportunity policy applies to all aspects of employment with the Company, including, but not limited to, hiring, promotion, transfer, benefits, discipline, and termination.