Choice Hotels International, Inc. | 1 Choice Hotels Circle, Suite 400 Rockville, MD 20850
Jason Stead, VP, Enterprise Security, Privacy & Corporate IT
So how did you come to Choice? What about Choice appealed to you?
I had no idea who or what Choice was when the opportunity first came across my desk. Some people at Choice who I knew reached out to me and said, “Hey, we have this cool opportunity you should look at.”
At the time I came to Choice security responsibilities were distributed throughout numerous teams. This was an opportunity for me to come in and establish my own footprint, my own presence here at Choice. So when I came to Choice in 2008, I established a centralized program and built a team. The reason why I love being here at Choice? You can make a significant impact as an individual.
Choice gives us opportunities to influence the organization, to grow in our position, and to do things that matter.
That philosophy still exists today, especially when I look at my team. Everybody is empowered to make decisions. That’s the expectation. We’re at such a size as an organization that we’re not siloed into limited responsibilities or decision making. We really expect everyone to learn a lot of different technologies and to continually grow in their career; and make suggestions on how we can do things better.
How did you get into cybersecurity in particular?
My undergrad was in computer science, business, and accounting. Right out of college I became an IT and financial auditor. I liked how IT and the business were married through that organization, but during those years, I got exposure to a lot of different businesses. That really gave me insight into best practices as well has how not to operate. From there I transitioned rather naturally from an auditing role to a cybersecurity role, because they’re very similar. At its heart, cybersecurity is about risk management.
How do you stay on top of the rapid changes inherent to IT?
It’s really hard to stay abreast of what’s happening in IT and cybersecurity. I spend a lot of time reading and networking with my peers, with people outside of my industry, and people in the valley as well as people in the DC metropolitan area. Everybody on my team is expected to go to formal training and to continuously stay on top of the latest trends and topics.
What does your role in cybersecurity at Choice entail?
My role at Choice is to minimize the likelihood and the impact of a cyber incident. I’m constantly meeting with my constituents and team to identify the latest threats, the latest business opportunities, and figure out how you marry the appropriate level of controls while still enabling the business to get the job done.
What is the most rewarding part of your work?
The most rewarding part of my career has been the ability to make a difference. When I started at Choice, cybersecurity was a distributed function. Today, it’s a part of strategic business decisions. Everyone from our senior most executives to our brand new associates are made aware of the world that we live in and the things we need to do to help protect our information.
My experience at Choice isn’t unique, in that ability to make a significant impact as an individual. That’s the expectation for everybody here, and the opportunity.
What’s it like to work for you? How about what it’s like to work for your boss?
My team members are given a large amount of autonomy. I ensure that they know the goals we need to accomplish, but they’re empowered to determine how we accomplish those goals. I’m somewhat of the opposite of a micromanager. And my boss is the exact same way. He sets the expectation, gives me the opportunity to do it in the manner that I see fit, and then we check in on a regular basis as needed.
What are you looking for in candidates in enterprise security?
I’m looking for candidates who are inquisitive, who want to make a difference, and who are good people. I seek candidates who are collaborative. The candidate’s personality and natural curiosity is more important than the technical skills.
That said, I’d like to see people with a fundamental understanding of how technology works. In cybersecurity we’re expected to understand broad sets of technologies, and we can teach you the specifics of any given technology, but I like it when you have the basics of how technology works.
What advice would you give someone who would be coming to work at Choice? Any key takeaways?
Come prepared with a positive, get it done attitude, because we’re a fun group of people and we’re looking for people that are passionate about making a difference in cybersecurity and Choice. Many people think of cybersecurity as being technically focused. While that’s very true, we’re not here because of technology, we’re here because of business opportunities, and people want to take advantage of that. You have to really be focused on marrying the right level of controls while enabling the business to succeed.