FLEX Director, IT Governance, Audit and Compliance
Company: Marriott Hotels Resorts
Location: Bethesda
Posted on: April 2, 2026
Job Description:
JOB SUMMARY

The Director, IT Governance, Audit & Compliance, is a leadership role responsible for serving as the governance, audit and compliance execution arm for IT controls managed under the Technology Experience Center (TEC) organization. This role works with IT Provision Owners to perform the governance, oversight, and reporting for regulatory controls that align under IT Asset Inventory, Change Management, Software End of Life (EOL) and Hardware Removal. The Director ensures controls are consistently designed, executed, evidenced, and audit-ready in alignment with internal policy, regulatory obligations, and external audit requirements.

The Director partners closely with Marriott IT Control Owners, Product Owners, Application Owners, Infrastructure and Application teams, Security, and Risk Management to facilitate quarterly and annual audits. This role will manage a team responsible for coordinating evidence collection, managing remediation of control gaps, and providing clear compliance reporting to leadership, Internal Audit, and external regulators. This role requires a deep understanding of IT Operations, Software Development Lifecycle, regulatory control frameworks, audit methodology, and process maturity models (e.g., CMMI) and serves as a key advisor to TEC IT Provision Owners and the GIS Compliance Program on compliance risk, control effectiveness, and continuous improvement.

KEY RESPONSIBILITIES

IT Governance & Regulatory Compliance
· Act as the TEC-aligned control execution authority for regulatory IT controls, including Asset Inventory, Change Management, and Software End of Life.
· Work with TEC IT Provision and Control Owners for alignment on policy, standard operating procedures, and control execution requirements.
· Responsible for control design validation, operational execution oversight, and compliance reporting for TEC-managed controls.
· Establish and maintain standardized governance processes, control narratives, and operating procedures to ensure consistency and auditability.
· Ensure alignment of TEC controls with enterprise policies, regulatory obligations, and audit expectations.

Audit Management & Evidence Collection
· Lead quarterly and annual audit requirements, supporting Management Testing and external audit requests.
· Coordinate evidence collection, validation, and submission across multiple IT control owners and stakeholders.
· Serve as the primary point of contact for the GIS Regulatory and Compliance organization and auditors related to TEC-managed controls.
· Track, manage, and report on audit findings, observations, and remediation activities through closure.

Cross-Functional Facilitation & Control Ownership
· Facilitate collaboration across TEC IT control owners to ensure timely and accurate control execution.
· Partner with Application, Infrastructure, Security, and Platform teams to operationalize compliance requirements.
· Drive accountability for control gaps, remediation plans, timelines, and ownership.
· Provide clear guidance and education to teams on control intent, expectations, and audit readiness.

Compliance Reporting & Risk Transparency
· Develop and deliver executive-level compliance reporting, dashboards, and risk summaries.
· Provide leadership with clear visibility into control health, risk posture, and remediation progress.
· Support regulatory responses with accurate, evidence-based narratives and documentation.

Process Maturity & Continuous Improvement
· Identify systemic control weaknesses and lead process improvements to reduce audit risk and operational friction.
· Establish repeatable, scalable compliance oversight processes to support long-term regulatory sustainability.

Leadership and Business Acumen
· Lead and develop a compliance-focused team responsible for governance execution and audit readiness.
· Establish clear performance expectations aligned to control execution quality, audit outcomes, and risk reduction.
· Partner effectively with senior leaders, control owners, and auditors as a trusted compliance authority.
· Demonstrate sound judgment, discretion, and professionalism when managing regulatory risk and audit interactions.

CANDIDATE PROFILE

Education & Experience

Required
· Bachelor’s degree or equivalent combination of education, certifications, and experience.
· 10 years of progressive IT leadership experience, with demonstrated ownership of governance, audit, or compliance functions, including leading teams, delivering complex initiatives, and driving process improvement and operational excellence.
  o Team leadership in matrixed organizations
  o Servant leadership that highly values feedback
  o Demonstrated ability to resolve conflict and drive direction/focus
· Proven experience executing and supporting regulatory IT controls in large, complex enterprises.
· Strong working knowledge of:
  o IT Operations
  o Regulatory control frameworks
  o Audit methodologies
  o ITIL & SDLC Processes
  o Process maturity models (e.g., CMMI)
· Demonstrated experience leading audit facilitation, evidence management, and remediation execution.
· Exceptional written and verbal communication skills, including the ability to present complex compliance topics to senior leadership.
· Proven ability to influence and drive outcomes without direct authority across matrixed organizations.

Preferred
· Experience with IT Asset Management, Change Management, and Software Lifecycle controls.
· Prior experience supporting internal and/or external regulatory audits.
· Familiarity with IT governance, risk, and compliance (GRC) operating models.
· Strong analytical skills with the ability to translate data into audit-ready insights.
· Experience building repeatable compliance processes in evolving or transforming organizations.

At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates. We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law.