This job has expired, please see additional jobs below
IT Director, Security
Scentsy Inc
Meridian, ID, United States
Job Details - this job has expired, please see similar jobs below
Overview
Scentsy is looking for an IT Security Director to manage the overall Scentsy IT Security program by ensuring that comprehensive security policies are in place, security for existing systems are maintained, security for new implementations are maximized, and that processes are in place to control and monitor policy implementation. The IT Security Director is expected to possess the requisite knowledge and experience to develop, manage, and continuously improve the Scentsy IT Security program.
What You Would Do:
• Manage the Scentsy IT Security organization while interfacing and working closely with Scentsy IT Leadership and IT personnel to ensure comprehensive protections are in place
• Oversee the Computer Security Incident Response Team (CSIRT)
• Recommend information technology strategies, policies, and procedures by evaluating organization outcomes, identifying problems, evaluating trends, and anticipating requirements in order to maintain effectiveness and efficiency
• Foster a culture of continuous IT Security improvement within Scentsy which also inspires ownership within the IT Security organization
• Manage, motivate, and develop staff by, selecting, evaluating, orientating, training, coaching, counseling, and developing personal growth opportunities for employees
• Maintain a safe, secure, work environment
• Prepare long-and short-range plans for Computer Security personnel and systems
• Develop proposals for purchasing hardware, software, and technical services to assure that security systems are comprehensive
• Analyze proposed and current IT projects for proper security; manage labor, budget, expectations, and timelines for approved projects
• Provide technical assistance to management in the facilitation of planning and directing complex issues, installation, modifications, and operations related to security
• Communicate company and business vision, goals, and strategies to build security awareness and commitment within the Scentsy organization
• Shape the organizational direction and goals for IT Security to maintain appropriate IT Security levels and quality
• Mentor employee in providing technical expertise in administering IDS/IPS, firewalls, and security consoles
• Develop and maintaining risk assessments, policies, procedures and security plans
• Perform all other assigned tasks and requirements as needed
Our Ideal Candidate Has:
• Bachelor’s degree in Information Technology Management
• 12 years of IT Operations or IT Security Operations experience
• 4 years of IT Security management experience
• Experience creating and managing a comprehensive IT Security Program to multiple IT security standards
• Payment Card Industry Internal Security Assessor (PCI ISA) (Required for Level 2 Merchant); Certified Information System Security Professional (CISSP); or equivalent certification
• Command of the eight domains that constitute the CISSP Cyber Security common body of knowledge
• A proven track record of obtaining results
• Updated knowledge of IT Network and Information Security best practices
We Expect That You:
• Adhere to all established procedures, policies, and safety rules as outlined by the Company
• Work 40 hours per week; some overtime may be required
• Responsibilities may occasionally require an adjusted work schedule, long days, and evening/weekend hours in order to perform assigned tasks
• Occasional travel may be required
What You Should Know:
• Knowledge in Payment Card Industry (PCI) and HIPAA compliance, PII, and network security
• Understand security for SAP application, Microsoft, and Linux systems
• Knowledge of infrastructure design, Active Directory, and application development
• Knowledge of Landscape Architecture, Cloud Computing, and Hosting
• Implementation ability and hands on operations experience with security devices
• Track record of using discretion concerning confidential and sensitive company information
• Knowledge of generally accepted security practices and solutions combined with strong quantitative and analytical skills
• Knowledge of state, federal, and international statutes and regulations related to IT Security
• Implementation and management knowledge of vulnerability and penetration testing, SIEM, and IPS technologies
• Strong management skills with ability to motivate, stimulate, and inspire employees to maximize their efforts in productivity and quality
• Use problem-solving and critical thinking skills, and independent thinking to overcome challenges
• Ability to correctly assess threat and risk levels
• Ability to clearly communicate complex technical ideas and accurately report relevant key point indicators
• Ability to design, implement, and train others on complex engineering systems
• Ability to facilitate and implement company-wide IT changes
• Ability to successfully manage large teams and projects
• Ability to translate standards into practice
• Ability to implement appropriate IT Service Continuity, with Recover Point Objective/Recover Time Objective
• Ability to approve scheduled hardware additions to the e-commerce environment
• Ability to approve monthly spend in hosted environments for system availability
• Ability to set critical security policies to protect against high risk activities
• Ability to work at a computer station and view a computer screen for extended periods of time
• Work is generally sedentary in nature but may require walking or standing up to 10% of the time