Devsecops Jobs in Arizona (NOW HIRING)

Join BWH Hotels - Where Passion Meets Purpose

At BWH Hotels, we don't just offer employment opportunities, we create opportunities to be part of something extraordinary. As a global leader in hospitality for nearly 80 years, our vision is to inspire travel through unique experiences. Joining our corporate team means becoming part of a dynamic and inclusive community that values innovation, collaboration, and making a meaningful impact in the travel industry.

Headquartered in Phoenix, Arizona, BWH Hotels boasts a powerful portfolio of 18 brands, including WorldHotels, Best Western Hotels & Resorts, and SureStay Hotels, with approximately 4,300 hotels in over 100 countries. We take pride in our top-ranking employee engagement scores and foster a workplace culture where your contributions truly matter. Join us and be part of a team that's shaping the future of hospitality!

Job Purpose

BWH Hotels is seeking a strategic and decisive Managing Director, Information Security and Enterprise Architecture to lead the enterprise cybersecurity, data protection, identity and access management (IAM), and enterprise architecture functions. This role acts as the Chief Information Security Officer (CISO) and is accountable for protecting Company and guest data, managing cyber risk, and establishing a coherent, scalable technology architecture that enables the business to operate securely and efficiently at scale.

The Managing Director defines and executes the cybersecurity, data governance and enterprise architecture strategy, leads response to security incidents, and oversees platform engineering, DevSecOps, IAM, cloud enablement, and the Enterprise Architecture Center of Excellence (CoE). The role partners closely with executive leadership to balance risk, speed, innovation, and architectural integrity. Cybersecurity and information risk reporting to the Board of Directors, Chief Executive Officer, and senior leadership is provided in partnership with the Chief Technology Officer, supporting executive decisionmaking related to cyber posture, architectural direction, incidents, and investment priorities.

Key Responsibilities

• Define and own the enterprise cybersecurity and information risk strategy and data governance.
• Set and enforce cybersecurity policies, standards, and risk tolerances aligned to business objectives.
• Establish and lead cybersecurity governance forums, executive risk reviews, and steering committees.
• Provide executiveready reporting on cybersecurity posture, emerging risks, and material incidents.
• Hold authority to require risk mitigation actions, and to escalate or halt technology implementations or production changes that exceed the approved cybersecurity risk appetite.

• Lead the Architecture & Platform Engineering function, including Enterprise Architecture, Platform Engineering, DevSecOps, IAM, and Cloud Enablement.
• Establish and mature an Enterprise Architecture Center of Excellence (CoE) to define enterprisewide technology standards, reference architectures, and architectural guardrails.
• Ensure enterprise architecture provides clear direction while enabling domainowned solution architecture across customerfacing, foundational, and product technology domains.
• Drive alignment across platforms, cloud services, integration patterns, and shared services to reduce complexity and improve scalability, resilience, and security.
• Partner across technology leaders to ensure architectural consistency and sound engineering and security practices across the technology landscape.

• Define and execute a multiyear cybersecurity, IAM, data protection, and enterprise architecture roadmap aligned with business priorities.

• Own enterprise Identity and Access Management (IAM) strategy and governance across workforce, customer, and partner populations, including lifecycle controls, authentication standards, and oversight of IAM platforms.
• Own the enterprise data protection and data governance framework, including data classification standards and protection requirements, in partnership with Legal leadership.
• Enable secure and wellarchitected adoption of cloud platforms, digital solutions, and thirdparty services.

• Build, lead, and retain a highperforming cybersecurity, architecture, platform, and identity organization.
• Develop leadership depth, succession planning, and ongoing professional development across security and engineering disciplines.
• Own cybersecurity, IAM, architecture, and platform investment strategy, including prioritization and roadmap alignment.
• Manage vendor relationships and guide security, platform, and architecture technology strategy.

• Adopt and operationalize appropriate cybersecurity and architecture frameworks based on organizational needs and regulatory requirements.
• Maintain clear standards for information ownership, classification, accountability, architectural compliance, and protection.
• Define and report measurable cybersecurity posture, architectural health, technical debt, and risk metrics to executive leadership.

• Lead enterprise detection, response, and recovery for cybersecurity incidents.
• Serve as the primary security executive interface with regulators, law enforcement, insurers, and external advisors during incidents.
• Ensure security and architectural controls are embedded into technology delivery, engineering, and operations by design.
• Monitor the threat landscape and drive proactive risk reduction initiatives.
• Ensure resilience, recoverability, and reliability of businesscritical services and platforms.

• Risk Reduction: Measurable improvement in cybersecurity control maturity and reduction in highrisk exposures.
• Architectural Health: Reduction in unnecessary complexity and technical debt; increased reuse of shared platforms and services.
• Incident Readiness: Effective, timely response to security incidents with minimal business impact.
• Identity and Access Hygiene: Improved access governance, MFA adoption, and lifecycle control effectiveness.
• Platform Enablement: Improved delivery speed, reliability, and consistency enabled by strong platform and cloud foundations.
• Operational Confidence: Executive and stakeholder confidence in cybersecurity posture and architectural direction.
• Team and Capability Growth: Development of strong, scalable security, architecture, and engineering leadership teams.

Preferred Experience and Education

• 15+ years of experience leading cybersecurity, enterprise architecture, platform, or technology organizations at enterprise scale.
• Demonstrated success managing enterprise cybersecurity incidents and driving largescale architectural transformation.
• Strong executive communication skills and ability to translate technical risk and architectural tradeoffs into business context.
• Bachelor's Degree in Computer Science, Business Administration, or related field, or equivalent experience. MBA preferred.
• Relevant credentials such as CISSP, CISM, CISA, CRISC, or enterprise architecture certifications are desirable.

Work Location and Schedule

• This position requires an onsite presence three to five days per week at our Global Operations Center. The office address is 20400 N 29th Avenue, Phoenix, Arizona 85027.

This position is not eligible for immigration sponsorship.

Benefits Summaryfor Full-Time Employees

Medical/Dental/Vision available day one

Vacation/Sick- accruals start day one

Paid company holidays and personalholidays to celebrate what's important to you

401K - company contribution and match (U.S.)

Registered Retirement Savings Plan (RRSP) - company contribution and match (Canada)

Employee discounts/hotel discounts

Free financial and health wellness programs

Tuition Reimbursement

Equal Employment Opportunity

BWH Hotels (the "Company")maintains a policy of equal employment opportunity for all employees and qualified applicants for employment without regard to race (including hair textures and hair styles associated with race), color or pigmentation, religion, religious creed (including religious dress and grooming practices), national origin, ancestry, alienage or citizenship status, caste, age, disability, gender, gender identity or expression, sex, sexual orientation, LGBTQIA+ individuals, height, weight, pregnancy status, childbirth or related medical conditions, genetic information, uniformed service or veteran status, marital status, or any other characteristic protected by applicable federal, state, provincial, or local laws. The Company's equal employment opportunity policy applies to all aspects of employment with the Company, including, but not limited to, hiring, promotion, transfer, benefits, discipline, and termination.