Overview

Director of Security, Risk & Compliance Jobs in Santo Domingo, Distrito Nacional, Dominican Republic at GBS Dominican Republic

Title: Director of Security, Risk & Compliance

Company: GBS Dominican Republic

Location: Santo Domingo, Distrito Nacional, Dominican Republic

GBS International, Inc. is a full-service organization delivering world-class solutions to the vacation ownership industry. Through innovation, operational excellence, and a customer-centric approach, we provide exceptional experiences for our clients and customers while maintaining the highest standards of service, security, and compliance.

Position Summar

yThe Director of Security, Risk & Compliance (DSRC) serves as the organization's senior security executive, responsible for leading enterprise-wide cybersecurity, information security, governance, risk and compliance (GRC), audit management, workforce security, physical security, and secure software development practices

.This role owns the organization's overall security posture and resilience strategy, protecting people, facilities, systems, data, intellectual property, and reputation. The DSRC partners closely with executive leadership to ensure security enables business growth while managing risk, regulatory obligations, and client requirements

.
Key Responsibiliti

esEnterprise Security Leadersh

  • ipDefine and execute the organization's enterprise security and resilience strateg
  • y.Establish security governance frameworks, policies, standards, and reporting structure
  • s.Advise executive leadership on security risks, emerging threats, and risk treatment decision
  • s.Manage security budgets, technology investments, KPIs, and KRI
  • s.Promote a culture of security, accountability, and continuous improvemen

t.Information Security & Cybersecuri

  • tyLead cybersecurity operations, threat detection, incident response, and vulnerability managemen
  • t.Ensure security-by-design principles across infrastructure, cloud environments, and software developmen
  • t.Protect sensitive information through access controls, encryption, monitoring, and data protection measure
  • s.Serve as executive incident commander during major security incidents and oversee remediation activitie
  • s.Drive adoption of AI-enabled security technologies to enhance detection, response, and risk management capabilitie

s.Physical & Corporate Securi

  • tyOversee physical security programs across offices, operational facilities, and data center
  • s.Manage access control systems, surveillance programs, visitor management, and security vendor
  • s.Lead investigations involving workplace security incidents, fraud, theft, or misconduc
  • t.Integrate physical security risks into the enterprise risk management framewor

k.Offensive Security & Security Validati

  • onLead penetration testing, red team exercises, social engineering assessments, and threat emulation activitie
  • s.Evaluate the effectiveness of security controls through continuous testing and adversarial assessment
  • s.Oversee security testing of AI systems and emerging technologie

s.Governance, Risk & Compliance (GR

  • C)Own the enterprise risk management and compliance program
  • s.Ensure compliance with applicable frameworks, regulatory requirements, contractual obligations, and client security expectation
  • s.Develop and maintain policies, standards, procedures, and control framework
  • s.Provide executive-level reporting on risk, compliance, audit readiness, and security performanc
  • e.Establish governance for responsible use of AI technologies and data protection practice

s.Cyber Insurance & Risk Transf

  • erPartner with Finance, Legal, and insurance providers to secure appropriate cyber and professional liability coverag
  • e.Ensure organizational controls meet insurer requirements and support underwriting activitie
  • s.Act as the primary security contact during insurance-related incident investigations and claim

s.Audit & Assuran

  • ceLead internal and external audit program
  • s.Coordinate audit readiness, evidence collection, remediation activities, and regulatory examination
  • s.Maintain continuous compliance and assurance across security, technology, HR, and facilities function

s.Workforce Security & Insider Ri

  • skPartner with Human Resources to oversee workforce security controls, including background screening, onboarding, offboarding, and security awareness program
  • s.Develop insider threat detection and response capabilitie
  • s.Support investigations and disciplinary actions related to security incident

s.Third-Party Risk Manageme

  • ntEstablish vendor and supply chain security program
  • s.Define security requirements for third parties and review contractual security obligation
  • s.Support client due diligence activities, security assessments, and compliance review

s.Business Resilience & Continui

  • tyLead security-related crisis management activitie
  • s.Oversee security aspects of Business Continuity Planning (BCP), Disaster Recovery (DR), and Incident Response Planning (IRP
  • ).Conduct tabletop exercises and coordinate response efforts during significant incident

s.Secure SDLC & Application Securi

  • tyDefine and enforce security requirements throughout the Software Development Life Cycle (SDLC
  • ).Partner with Development and DevOps teams to implement secure coding practices and security testin
  • g.Oversee application security initiatives, including SAST, DAST, dependency management, CI/CD security, and secure architecture review
  • s.Promote the use of AI-assisted tools for secure code review and vulnerability managemen

t.
Qualificati

onsRequi

  • redBachelor’s degree in Information Security, Computer Science, Risk Management, Criminal Justice, or a related fie
  • ld.Master’s degree in Cybersecurity, Information Security, or a related discipli
  • ne.10+ years of experience in security, risk, compliance, or related disciplin
  • es.5+ years of leadership experience with enterprise-wide security responsibiliti
  • es.Demonstrated experience performing CISO, CSO, or equivalent executive security functio
  • ns.Strong expertise in cybersecurity, physical security, GRC, audit management, workforce security, and risk manageme
  • nt.Excellent communication, leadership, analytical, and crisis management skil
  • ls.Professional proficiency in English and Spani

sh.Prefer

  • redCISSP, CISM, CISA, CRISC, CPP, PSP, ISO 27001 Lead Implementer/Auditor, or similar certificatio
  • ns.Experience supporting SOC, PCI, ISO 27001, or comparable compliance framewor
  • ks.Experience within SaaS, BPO, technology, or highly regulated service environmen
  • ts.Experience presenting security and risk matters to executive leadership and Boards of Directo

rs.Core Competenc

  • iesEnterprise Risk Managem
  • entExecutive Leadership & Communicat
  • ionCrisis & Incident Managem
  • entStrategic Planning & Execut
  • ionSecurity Governa
  • nceAudit & Compliance Oversi
  • ghtOffensive Security & Threat Managem
  • entTeam Leadership & Developm
  • entOperational Excelle
  • nceAccountability & Owners
  • hipBusiness Enablement Through Secur

ity

Apply

Upload your CV/resume or any other relevant file. Max. file size: 800 MB.