Information Technology Compliance Program Manager

Xanterra Travel Collection•Greenwood Village, CO

11h•Onsite

About The Position

Xanterra Travel Collection is seeking an IT Compliance Program Manager to establish and lead a comprehensive governance program across the organization’s technology ecosystem, including PCI DSS, Enterprise Security Standards, and Enterprise Privacy Standards programs. This role ensures technology operations remain compliant with security standards and regulatory requirements. The position is responsible for planning and delivering compliance-focused initiatives that strengthen the organization’s security posture, reduce risk, and support adherence to regulatory and audit requirements. This role partners closely with compliance, internal audit, IT, infrastructure, and business teams to coordinate project activities, manage schedules and risks, develop processes, create metrics, and communicate progress to stakeholders. This is a hands-on delivery role suited for a program manager with solid IT experience and growing exposure to compliance programs, audits, and control remediation initiatives.

Requirements

Bachelor’s degree or equivalent work experience, with 3–5 years of experience managing IT projects or technical workstreams.
Ability to collaborate with compliance, audit, and technical teams and understand cross-functional dependencies.
Familiarity with formal compliance frameworks, audit processes, or control remediation activities such as PCI DSS, ISO 27001, CMMC, or SOC 2.
Familiarity with IT infrastructure, business applications, or operational processes that support compliance requirements.
Proficiency in Microsoft Office 365, especially Teams, OneDrive, and PowerPoint.
Familiarity with project management tools.
Excellent communication, organizational, and problem-solving skills.
Ability to work effectively with cross-functional teams and communicate clearly with both technical and non-technical stakeholders.

Nice To Haves

Experience supporting PCI DSS, ISO 27001, SOC 2, CMMC, or similar compliance and audit initiatives.
Ability to translate compliance requirements into practical project activities, timelines, and stakeholder communications.
Experience with audit readiness, evidence collection, control documentation, or remediation tracking.
Experience in hospitality, lodging, cruise, or travel industries.
Project Management certification (PMP, CAPM, etc.).
Strong interpersonal skills with a collaborative and proactive approach.

Responsibilities

Manage compliance projects or defined workstreams within larger compliance initiatives.
Own and manage PCI DSS, Enterprise Security Standards, Enterprise Privacy Standards programs, and the internal controls, audit remediation, and policy or evidence management activities for these programs.
Develop and maintain project plans, schedules, task tracking, and status reporting for compliance initiatives and remediation efforts.
Work with the business to establish policies, standards, and procedures that maintain our compliance.
Oversee the IT controls framework and serve as primary contact for auditors.
Track milestones, dependencies, and deliverables to support formal compliance program requirements and audit timelines.
Work closely with IT teams, business stakeholders, and external assessors to coordinate project tasks and deliverables.
Assist in gathering requirements, documenting scope, and validating deliverables related to controls, evidence collection, and remediation plans.
Participate in project meetings, working sessions, audit readiness reviews, and compliance status updates.
Identify and track project risks, issues, and remediation activities; escalate appropriately with recommended mitigation steps.
Contribute to ongoing audit readiness and our formal compliance program maturity efforts across the organization.