Director, IT Risk and Governance

HollandAmerica Line has been exploring the world since 1873. Our ships offer innovative features and enriching experiences focused on destination exploration and personalized travel inviting guests to savor the journey.

We are looking for a Director IT Risk and Governance. The Director of IT Risk & Governance is responsible for leading and transforming governance risk and compliance programs and initiatives across Holland America Line Seabourn and Holland AmericaPrincess Alaska IT operations. This role oversees a dedicated team of governance and compliance professionals and plays a pivotal role in advancing organizational maturity through strategic leadership of Governance Centers of Excellence (COEs) annual control testing and remediation Disaster Recovery (DR) and Business Continuity Planning (BCP). Reporting to the VP Planning and Governance the Director collaborates closely with IT leadership the global information security team internal and external audit partners and key business stakeholders to ensure alignment with global and local compliance standards regulatory frameworks and enterprise priorities. The ideal candidate will hold a bachelors degree in information technology Cybersecurity or a related field with progressive leadership experience in IT governance risk and compliance. Proven expertise in regulatory frameworks such as SOX/ITGC and PCI is essential along with hands-on experience developing and managing DR and BCP programs. Strong strategic planning communication and stakeholder engagement skills are critical as is the ability to lead cross-functional teams and influence executive decision-making.

Heresa summary of what Holland America Line is looking for. Isthisyou

Responsibilities:

• Strategic Leadership Planning & Execution

• Lead a team of Risk and Governance professionals to evaluate current and future initiatives establishing prioritization aligned with brand and enterprise goals.

• Establish and lead multiple Governance COEs to define standards set objectives and track measurable outcomes aligned with departmental priorities.

• Drive governance and risk maturity assessments and continuous improvement initiatives.

• Develop and execute 23-year strategic roadmaps and action plans to modernize governance and compliance practices ensuring adherence to SOX ITGC PCI Data Privacy and other internal policy and regulatory requirements.

• Foster a collaborative cross-functional approach to maturity improvements across the broader IT organization.

• Provide subject matter guidance to peers across brand IT teams.

Cross-Functional Stakeholder Management

• Engage stakeholders across brand IT corporate IT shipboard teams third-party vendors and executive leadership to align Risk and Governance strategies with operational goals.

• Collaborate with infrastructure security and application teams as well as managed service providers to ensure service excellence and alignment in execution of governance initiatives.

• Represent brand governance and risk priorities in strategic planning and decision-making forums at the multi-brand and enterprise level.

• Serve on cross-functional panels and working groups to influence business continuity decisions and promote best practices.

Governance & Risk Management

• Ensure compliance with internal policies and external regulations including SOX ITGC PCI corporate security protocols and data protection standards.

• Enforce secure architecture infrastructure and application standards in partnership with security and enterprise architects through oversight of the Enterprise Architecture COE.

• Develop and progress robust DR and BCP programs aligned with global standards.

• Manage training and operational processes to proactively reduce risk exposure and address evolving compliance requirements.

• Act as a compliance advisor across IT projects embedding regulatory requirements throughout the project lifecycle and leading awareness efforts to foster a compliance-first culture.

• Oversee annual compliance assessments DR/BCP cycles and risk management processes while providing executive leadership with clear visibility into risk posture and mitigation strategies.

Budget Ownership

• Lead financial planning and stewardship of Risk and Governance investments.

• Develop and execute KPI and ROI tracking for Governance COEs ensuring performance metrics are clearly defined consistently measured and transparently reported.

• Establish data-driven frameworks to evaluate governance effectiveness identify improvement opportunities and demonstrate the value of risk and compliance programs across the enterprise.

Accountability

• Hold accountability for Risk and Governance team performance including delivery timelines service quality and alignment with organizational priorities.

• Oversee execution of governance projects and initiatives including annual testing and remediation cycles.

• Mentor direct reports and champion continuous process improvement through structured governance and operational discipline.

Knowledge & Skills:

• The Director IT Risk & Governance plays a pivotal role in shaping the strategic direction and operational execution of governance risk and compliance across Holland America Line Seabourn and Holland AmericaPrincess Alaska IT operations. This position functions as a key leadership role within the Strategic Planning and Governance team with direct influence over both shoreside and fleet-based technology environments. The scope of the role spans local and global compliance standards ensuring alignment with corporate policies regulatory frameworks and industry best practices.

• With oversight of disaster recovery business continuity and risk management programs the Director ensures operational resilience across all brands and geographies. The role requires close collaboration with global information security teams internal and external audit partners and cross-functional business stakeholders making it integral to the companys ability to safeguard data maintain regulatory compliance and support uninterrupted service delivery across the enterprise. This position not only drives internal governance maturity but also represents the brand in broader Carnival Corporation initiatives influencing compliance strategy and business continuity planning at the enterprise level.

• This role requires advanced problem-solving capabilities often involving the analysis of complex regulatory requirements risk data and operational dependencies across both shore-side and fleet environments. The Director must anticipate potential compliance gaps and business continuity risks and proactively design mitigation strategies that align with global standards. Solutions often require cross-functional collaboration strategic planning and the ability to translate technical findings into actionable insights for executive leadership ensuring minimal disruption to business operations and sustained regulatory alignment.

• The Director IT Risk & Governance has a broad and strategic impact across the organization setting the standards for governance compliance and risk management practices that are critical to business continuity and regulatory alignment. This role influences both shore-side and fleet operations ensuring consistent application of global compliance frameworks and resilience strategies. By driving maturity in disaster recovery business continuity and risk visibility the Director directly contributes to safeguarding operational integrity and enabling informed decision-making at the executive level.

• This role requires a high level of strategic leadership overseeing a team of governance and compliance professionals responsible for advancing risk and regulatory maturity. The Director is accountable for managing departmental resources guiding team performance and contributing to budget planning and forecasting for governance-related addition to direct team management the role demands strong cross-functional leadership skills to influence and align stakeholders across IT security audit and business units ensuring consistent execution of compliance and continuity strategies enterprise-wide.

Requirements

• Essential qualifications for this role include a bachelors degree in information technology Computer Science Cybersecurity or a related discipline.

• Preferred qualifications include a masters degree in a relevant field and professional working in a global enterprise environment and familiarity with data privacy regulations such as GDPR are also advantageous.

• The employee must also have a minimum of 8 years of experience in IT governance risk management or compliance with at least 3 years in a leadership capacity. Demonstrated knowledge of regulatory frameworks such as SOX ITGC and PCI-DSS is required along with experience managing disaster recovery and business continuity programs.

Travel: No or very little travel likely

Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.

Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time.

This position is classified as in-office. As an in-office role it requires employees to work from a designated Holland office Tuesday through Thursday each week. Employees may work from their homes on Mondays and Fridays.

Holland provides comprehensive and innovative benefits to meet your needs including:

What You Can Expect

• Cruise and Travel Privileges for You and Your Family
• Health Benefits
• 401(k)
• Employee Stock Purchase Plan
• Training & Professional Development
• Tuition & Professional Certification Reimbursement
• BaseSalaryRange: $153100to $ range is applicable for the labor market where the role is intended to be salary isdirectly relatedto eachcandidatesqualifications and experience uniquely.

Our CultureStronger Together

Our highest responsibility and top priorityiscompliance environmental protection and the health safety and well-being of our guests the people in the communities we touch and serve and our shipboard and shoreside visit our site to learn more about our Culture Essentials Corporate VisionStatementand our Core Values at: Americais an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or any other characteristic protected by applicable lawsregulationsand ordinances.

Americans with Disabilities Act (ADA)

Holland America will provide reasonable accommodations with the application process upon your request asrequiredtocomply withapplicable you have a disability and requireassistancein this application process please contact

#HAL

#LI-Hybrid

#LI-SH1