This job has expired, please see additional jobs below
Director, IT - Information/Data Security
Global Brands Group
New York, NY, United States
Job Details - this job has expired, please see similar jobs below
Specific Responsibilities
The Leader of Information Security will partner with senior leaders, businesses, and the Global IT Team across GBG to form, develop, and deliver a comprehensive information security strategy that will optimize the security posture of the enterprise. They will have oversight and responsibility for the GBG’s total information security needs. This position will be based in our corporate headquarters either in New York City or Greensboro, North Carolina.
• Develop and Implement an effective information security program.
• Responsible for strategic leadership, formation, policies, and operations of a company-wide information security program.
• Define clear objectives and goals for information security and collaborate with senior leaders, business partners, and the IT community.
• Advise senior leadership on security program direction and resource investment.
• Responsible for the strategic leadership of the information security program, while leveraging company-side resources.
• Manage and facilitate global information security governance processes.
• Chair the Advisory Committee and lead Information Security Liaisons to establish the information security program and project priorities.
• Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire business.
• Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
• Stay abreast of information security issues and regulatory changes affecting consumer goods, retail and trade at the state, national and global levels, participate in policy and practice discussions, and communicate to leadership on a regular basis about those topics. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
• Provide leadership philosophy for the Information Security Office to create a strong bridge between organizations, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies and practices.
• Mentor/Coach the Information Security Office team members and implement professional development plans for team members. Communicate clear goals and objectives.
• Perform special projects and other duties as assigned.
Policy, Compliance, and Audit
• Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
• Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the company’s information and technology systems.
• Work with Internal Audit, External Auditors and outside consultants as appropriate on required security assessments and audits.
• Coordinate and track all information technology and security related audits including scope of audits, colleges/units involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation and advocacy on audit responses.
• Work with leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the company to effectively address global statutory and regulatory requirements.
• Develop a strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI, FCPA and SOX.
Outreach, Education and Training
• Work closely with IT leaders, technical experts and various leaders on a wide variety of security issues that require an in-depth understanding of the IT environment in their units.
• Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities.
• Work with various groups such as Network Managers, engineers, development and service desk to build awareness and a sense of common purpose around security.
• Pursue employee security initiatives to address unique needs in protecting identity theft, mobile social media security and online reputation program.
Risk Management and Incident Response
• Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise.
• Convene Ad Hoc Security Committee as appropriate and provide leadership for breach response and notification actions for the company.
• Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
• Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
• Examine impacts of new technologies on the company’s overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
Skills and Requirements
• Exceptional, hands-on leader with a style that is engaging, innovative, and collaborative.
• Ability to work with other leaders to establish the best balance between security strategies and other priorities at the enterprise level.
• Empower work environments across geographies, remove barriers and realize possibilities.
• Bachelors’ degree: Information Systems, Computer Science, Business or Related field.
• Minimum of 8 years’ experience.
• Ability to multi-task, set priorities.
• Excellent communications skills - both written and verbal.
• Ability to be flexible, work under pressure and tight deadlines.
• Ability to travel.
• Ability and availability to work occasional nights’/weekends.
GBG USA Inc. is an Equal Opportunity Employer.