
Job Description
Holland America Line has been exploring the world since 1873. Our ships offer innovative features and enriching experiences focused on destination exploration and personalized travel, inviting guests to savor the journey.
We are looking for a Director, IT Risk and Governance. The Director of IT Risk & Governance is responsible for leading and transforming governance, risk, and compliance programs and initiatives across Holland America Line, Seabourn, and Holland America–Princess Alaska IT operations. This role oversees a dedicated team of governance and compliance professionals and plays a pivotal role in advancing organizational maturity through strategic leadership of Governance Centers of Excellence (COEs), annual control testing and remediation, Disaster Recovery (DR), and Business Continuity Planning (BCP). Reporting to the VP, Planning and Governance, the Director collaborates closely with IT leadership, the global information security team, internal and external audit partners, and key business stakeholders to ensure alignment with global and local compliance standards, regulatory frameworks, and enterprise priorities. The ideal candidate will hold a bachelor’s degree in Information Technology, Cybersecurity, or a related field, with progressive leadership experience in IT governance, risk, and compliance. Proven expertise in regulatory frameworks such as SOX/ITGC and PCI is essential, along with hands‑on experience developing and managing DR and BCP programs. Strong strategic planning, communication, and stakeholder engagement skills are critical, as is the ability to lead cross‑functional teams and influence executive decision‑making.
Here’s a summary of what Holland America Line is looking for. Is this you?
Responsibilities :
Strategic Leadership, Planning & Execution
Lead a team of Risk and Governance professionals to evaluate current and future initiatives, establishing prioritization aligned with brand and enterprise goals.
Establish and lead multiple Governance COEs to define standards, set objectives, and track measurable outcomes aligned with departmental priorities.
Drive governance and risk maturity assessments and continuous improvement initiatives.
Develop and execute 2–3‑year strategic roadmaps and action plans to modernize governance and compliance practices, ensuring adherence to SOX ITGC, PCI, Data Privacy and other internal policy and regulatory requirements.
Foster a collaborative, cross‑functional approach to maturity improvements across the broader IT organization.
Provide subject matter guidance to peers across brand IT teams.
Cross‑Functional Stakeholder Management :
Engage stakeholders across brand IT, corporate IT, shipboard teams, third‑party vendors, and executive leadership to align Risk and Governance strategies with operational goals.
Collaborate with infrastructure, security, and application teams, as well as managed service providers, to ensure service excellence and alignment in execution of governance initiatives.
Represent brand governance and risk priorities in strategic planning and decision‑making forums at the multi‑brand and enterprise level.
Serve on cross‑functional panels and working groups to influence business continuity decisions and promote best practices.
Governance & Risk Management :
Ensure compliance with internal policies and external regulations, including SOX ITGC, PCI, corporate security protocols, and data protection standards.
Enforce secure architecture, infrastructure, and application standards in partnership with security and enterprise architects through oversight of the Enterprise Architecture COE.
Develop and progress robust DR and BCP programs aligned with global standards.
Manage training and operational processes to proactively reduce risk exposure and address evolving compliance requirements.
Act as a compliance advisor across IT projects, embedding regulatory requirements throughout the project lifecycle and leading awareness efforts to foster a compliance‑first culture.
Oversee annual compliance assessments, DR/BCP cycles, and risk management processes, while providing executive leadership with clear visibility into risk posture and mitigation strategies.
Budget Ownership :
Lead financial planning and stewardship of Risk and Governance investments.
Develop and execute KPI and ROI tracking for Governance COEs, ensuring performance metrics are clearly defined, consistently measured, and transparently reported.
Establish data‑driven frameworks to evaluate governance effectiveness, identify improvement opportunities, and demonstrate the value of risk and compliance programs across the enterprise.
Accountability :
Hold accountability for Risk and Governance team performance, including delivery timelines, service quality, and alignment with organizational priorities.
Oversee execution of governance projects and initiatives, including annual testing and remediation cycles.
Mentor direct reports and champion continuous process improvement through structured governance and operational discipline.
Knowledge & Skills :
The Director, IT Risk & Governance plays a pivotal role in shaping the strategic direction and operational execution of governance, risk, and compliance across Holland America Line, Seabourn, and Holland America–Princess Alaska IT operations. This position functions as a key leadership role within the Strategic Planning and Governance team, with direct influence over both shoreside and fleet‑based technology environments. The scope of the role spans local and global compliance standards, ensuring alignment with corporate policies, regulatory frameworks, and industry best practices.
With oversight of disaster recovery, business continuity, and risk management programs, the Director ensures operational resilience across all brands and geographies. The role requires close collaboration with global information security teams, internal and external audit partners, and cross‑functional business stakeholders, making it integral to the company’s ability to safeguard data, maintain regulatory compliance, and support uninterrupted service delivery across the enterprise. This position not only drives internal governance maturity but also represents the brand in broader Carnival Corporation initiatives, influencing compliance strategy and business continuity planning at the enterprise level.
This role requires advanced problem‑solving capabilities, often involving the analysis of complex regulatory requirements, risk data, and operational dependencies across both shore‑side and fleet environments. The Director must anticipate potential compliance gaps and business continuity risks and proactively design mitigation strategies that align with global standards. Solutions often require cross‑functional collaboration, strategic planning, and the ability to translate technical findings into actionable insights for executive leadership, ensuring minimal disruption to business operations and sustained regulatory alignment.
The Director, IT Risk & Governance has a broad and strategic impact across the organization, setting the standards for governance, compliance, and risk management practices that are critical to business continuity and regulatory alignment. This role influences both shore‑side and fleet operations, ensuring consistent application of global compliance frameworks and resilience strategies. By driving maturity in disaster recovery, business continuity, and risk visibility, the Director directly contributes to safeguarding operational integrity and enabling informed decision‑making at the executive level.
This role requires a high level of strategic leadership, overseeing a team of governance and compliance professionals responsible for advancing risk and regulatory maturity. The Director is accountable for managing departmental resources, guiding team performance, and contributing to budget planning and forecasting for governance‑related initiatives. In addition to direct team management, the role demands strong cross‑functional leadership skills to influence and align stakeholders across IT, security, audit, and business units, ensuring consistent execution of compliance and continuity strategies enterprise‑wide.
Requirements :
Essential qualifications for this role include a bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related discipline.
Preferred qualifications include a master’s degree in a relevant field and professional certifications. Experience working in a global enterprise environment and familiarity with data privacy regulations such as GDPR are also advantageous.
The employee must also have a minimum of 8 years of experience in IT governance, risk management, or compliance, with at least 3 years in a leadership capacity. Demonstrated knowledge of regulatory frameworks such as SOX ITGC and PCI‑DSS is required, along with experience managing disaster recovery and business continuity programs.
Travel: No or very little travel likely.
Work Conditions: Work primarily in a climate‑controlled environment with minimal safety/health hazard potential.
Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time.
This position is classified as “in‑office.” As an in‑office role, it requires employees to work from a designated Holland office Tuesday through Thursday each week. Employees may work from their homes on Mondays and Fridays.
What You Can Expect :
Holland provides comprehensive and innovative benefits to meet your needs, including:
Cruise and Travel Privileges for You and Your Family
Health Benefits
401(k)
Employee Stock Purchase Plan
Training & Professional Development
Tuition & Professional Certification Reimbursement
Base Salary Range: $153,100 to $206,700. The range is applicable for the labor market where the role is intended to be hired. Final base salary is directly related to each candidate’s unique qualifications and experience.
Our Culture…Stronger Together
Our highest responsibility and top priority is compliance, environmental protection and the health, safety and well‑being of our guests, the people in the communities we touch and serve, and our shipboard and shoreside employees. Please visit our site to learn more about our Culture Essentials, Corporate Vision Statement and our Core Values at https://www.hollandamerica.com/en_US/our-company/mission-values.html
Holland America is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.
Americans with Disabilities Act (ADA)
Holland America will provide reasonable accommodations with the application process, upon your request, as required to comply with applicable laws. If you have a disability and require assistance in this application process, please contact recruiting@hollandamericagroup.com