Established in 1996 in Amsterdam, Booking.com has grown from a small Dutch start-up to one of the world’s leading digital travel companies. Part of Booking Holdings Inc. (NASDAQ: BKNG), Booking.com’s mission is to make it easier for everyone to experience the world.
Booking.com is the largest business within Booking Holdings (NASDAQ: BKNG) and accounts for the vast majority of Booking Holdings’ total revenue. Booking Holdings is a leading Fortune 500 e-commerce conglomerate with a market cap of approximately $84 billion and revenues of $15.07 billion (2019). Booking.com currently employs more than 17,000 employees in 214 offices in 70 countries worldwide.
With a mission to make it easier for everyone to experience the world, Booking.com invests in digital technology that helps take the friction out of travel. Booking.com connects travelers with the world’s largest selection of incredible places to stay, including everything from apartments, vacation homes, and family-run B&Bs to 5-star luxury resorts and even tree houses. The Booking.com website and mobile apps are available in over 43 languages, offer more than 28 million listings, including over 6.2 million homes, apartments, and other unique places to stay. So whether travelling for business or leisure, customers can instantly book their ideal accommodation quickly and easily, without booking fees and backed up by its promise to price match. Via the customer experience team, customers can reach Booking.com 24/7 for assistance and support in over 43 languages, any time of the day or night.
At Booking.com, we are all involved in making hundreds of decisions every day. The decisions we make are a reflection of our Values - they reflect what is important to us, both as individuals and as an organization.
When we use our Values to make decisions, we make a deliberate choice to focus on what is important. When Values are made explicit, they provide clarity on what “good” looks like. And when they are shared, they build unity in a group. They build culture.
Think customer first. We obsess about adding value for our customers - guests, partners, colleagues - to make it easier for everyone to experience the world.
Own it. We deliver on our promises, make informed decisions and prioritize to get the important things done today.
Learn forever. We are resilient, take time to reflect, and seek to learn – from colleagues, from the outside world and from our failures.
Succeed together.We celebrate team success, through making connections, building trust and valuing the diverse perspectives of others.
Do the right thing. We get the right results the right way. For each other, our communities and the world around us.
Booking.com Leadership Team
Chief Executive Officer, Glenn Fogel
SVP, Chief Finance Officer, Marcela Martin
SVP, Commercial Operations & Accommodations (ABU), James Waters
The Director of Strategic Program (Four Pillars) leads key programs and projects that will have a material effect on Booking.com's goals and objectives. The Director develops plans to push those projects to completion with all the intermediate activities between program launch and delivery. The role requirements demand specialist technical and professional skills predominantly in the fields of Information Technology, Security Risk Management, Cybersecurity and Compliance.
This position is a core member of the Chief Security Officer’s leadership team and key contributor to the global business, security and compliance strategy. The position is responsible for the execution of one of Booking.com’s key initiatives which happens to be in the realm of Information Security and Regulatory Compliance.
As the leader of this critical function you will be:
Lead the execution and delivery of the 4PP and Strategic Programs as directed.
Lead the work to implement Booking.com’s goal to achieve CMMI score of 3.5 or higher in the domains of (Technology) Asset Management, Change Management, Access Management and Data Governance by the end of 2021 thereafter leading a period of proven sustainability, resilience and continuity against said standards.
Chair the 4pp Steering Committee and oversee all Working Groups within 4PP.
Within the scope of the 4PP, plan to deliver sustainable processes and capabilities to meet corporate IT compliance requirements according to internal policy and International and U.S. regulatory requirements.
Oversee all internal and external audits engagements pertaining to 4PP.
Lead Risk Management processes pertaining to 4PP including decision making around risk appetite, risk mitigation, risk narratives and associates metrics and reporting.
Partner with Central Tech., Product, Accommodations Business Unit and Corporate Functions program/project teams to update security guidance and review new projects for security risks to ensure 4PP controls are incorporated into the solution and product development lifecycle.
Evaluate, recommend and approve security education and awareness materials designed to reinforce the implementation and outcomes of the 4PP.
Be accountable for the management and oversight of all 4PP vendors and suppliers as needed including review contracts, service level agreements and other documents to verify the company is obtaining best value and that vendors are meeting our information security needs and requirements.
Execute 4PP budget evaluation, design and execution in a manner which fosters best-value, considers broad-scope opportunities, and drives a positive return on investment.
Incorporate 4PP controls into future technology modernization and transformation efforts for example migrating legacy and new systems to the Public Cloud.
Be accountable for the resource planning including financial plans and human resources as it pertains to 4PP.
Oversee the creation of policy, standards, guidelines and other artifacts as required in support of an overall quality system for 4PP.
Bachelor’s degree in computer science, or computer engineering. Masters or advanced degree is preferred
12+ years general management experience and proven record in managing all facets of complex large international commercial operations
Experienced Chief Information Security Officer or other Senior Security Leader or deputy role within or working for a large, matrixed organization or a Senior Security Consultant with technical hands on experience.
8+ years seniority leading large teams or people networks in excess of 50 individual
8+ years experience in setting the strategic direction, being accountable for and delivering strategic objectives, aligning programs with the organization's strategic direction, and focusing on continuous improvement efforts within a complex technology organization
Expert understanding of cybersecurity concepts, principles and practices.
Excellent technical skills in the sphere of network security, application development, cloud security
Experience working in a fast-paced, technology-centric and/or online business
Proven ability to effectively prioritize and execute tasks with competing priorities; strong influencing skills to work with various service owners
Excellent communication, analytical and planning skills to manage the implementation of information security controls and services
Experience successfully delivering programs and/or multiple projects on-time, in scope, on budget and on quality based on agreed business goals
Capable of anticipating needs and driving clarity on expectations
A solution-oriented mindset, with the ability to exercise good professional judgment
Policy development, program management and strategy development
Experience in outsourced/insourced operations tasks and activities
Resilient. Able to work under high-pressure situations, meet challenging timelines and be the calming, reassuring leader in times of emergency or crisis
Ability to drive the cybersecurity roadmaps, while still “rolling up your sleeves” and getting involved in the hands-on, day-to-day activities
Experience working in an online environment and experience with programs such as ISO, SOX, GDPR, CCPA, NIST CSF and other related compliance frameworks
Proven ability to be a visionary by creating or adopting new strategies that take into consideration the changing cyber-landscape
Excellent presentation skills, especially with senior executive audiences
Strong knowledge or business experience in other business units or functional areas outside Security
Excellent conceptual problem-solving skills with demonstrated ability to bring structure to vaguely defined problems, pragmatically scope problems and manage execution
Organizational and political agility; developed negotiation and influence skills
Unquestionable personal code of ethics, integrity, diversity and trust
Able to successfully navigate within varying degrees of ambiguity in a fast-paced environment.
OTHER PERSONAL CHARACTERISTICS
Able to function in a fast-moving entrepreneurial environment
Humble yet confident, with high self-awareness
A strategic thinker yet focused on execution; able to roll up their sleeves to get things done
Self-starter with high energy and drive; fast-paced and results-driven; forward-thinking
Experimental, ready to learn and open to change
Keep the customer at the centre of everything you do
Good cultural and organizational sensitivity
Committed to building a diverse, inclusive work environment.
CRITICAL LEADERSHIP CAPABILITIES:
Publicly identifies needed changes or directions that need adjustment, challenges assumptions and norms.
The ability to “think big” and simultaneously understand and appreciate the details necessary to operationalize overarching strategies and goals; The ability to make sense of complex issues and ambiguous situations.
Challenges assumptions about “the way things are done”.
Communicates explicitly what must change, why changes are necessary, and possible outcomes and costs.
Adjusts communication style to the audience to help them understand and accept the change.
Encourages people to support and propose changes and ideas.
Building relationships, Collaborating and Influencing
Establishes relationships and enhances the levels of cooperation, collaboration, and trust that exist between people, interacting with others personally, competently, and effectively. Establishes relationships inside and outside of the organization. Fosters a culture that makes people feel valued and respected and leverages even difficult or tense circumstances to enhance relationships.
Negotiates with a genuine give-and-take approach, where both acts as true peers and decisions are shared.
Spends time identifying all stakeholders necessary and meets or connects with all of them, neglecting no one to shape a collective consensus.
Identifies opportunities to build relationships that will help others achieve their objectives and reaches out to those people or new people.
Responds resourcefully, flexibly, and positively when faced with new challenges and demands. Willingly and effectively deals with the stress and complexities of various situations. Moves forward productively under conditions of change or uncertainty
Demonstrates and fosters a sense of urgency, a “can-do” spirit, a sense of optimism, ownership, and strong commitment to achieving goals and organizational success. Demonstrates a strong sense of ownership and a commitment to achieving meaningful results.
Checks work of self and others against required quality standards.
Reviews performance and progress on a regular basis to ensure team is achieving results.
Tests to see if goals are sufficiently challenging and implements corrective action based on deviations.
APPENDIX: BUSINESS LEADERS BOOKING.COM AND INDUSTRY COMMENTARY
Business Leaders and Overview
Glenn Fogel (CEO): Video on outlook and competition from Google
Booking Holdings and Expedia in arms race to deliver the connected trip
Booking takes flight
Brand Business - an interview with Arjan Dijk
4 Booking.com Product You Might Now Know About
Booking launches ride-hailing service in partnership with Grab
Booking.com: The Oral History of Travel's Greatest Acquisition
Booking.com’s Executive Biographies
Booking Holdings and acquisitions and internal growth
Quarterly Results and Annual Reports Booking Holdings