This job has expired, please see additional jobs below
Director, IT Security & Compliance
DSW
Columbus, OH, United States
Job Details - this job has expired, please see similar jobs below
Location Name: Home Office, Columbus
Department: Information Technology
At DSW, we believe in the power of shoes. We understand shoes bring out something great from within, and since 1991 we've been helping everyone feel the rush of finding that perfect pair. So when you work for DSW, you become a part of all that. A family whose core values are comprised of passion, accountability, collaboration, and humility. You become one of us, You become a Shoe Lover!
The Director, IT Security & Compliance will lead the Compliance, Risk and Security teams responsible for DSW Inc companies responsible to develop and drive an integrated IT & Security strategy, combining industry leading physical and digital security practices, and associate knowledge capabilities, with cyber security elements such as data security practices, monitoring, response activities and predicative modeling across the DSW inc companies. This position reports to the CIO and has direct reports.
Essential Duties and Responsibilities:
• Develop and drive an integrated IT & Security strategy, combining industry leading physical and digital security practices, and associate knowledge capabilities, with cyber security elements such as data security practices, monitoring, response activities and predicative modeling across the DSW inc companies.
• Direct and drive the assessment, creation, and the implementation of DSW’s enterprise Information security standards, using innovation, in IT Security policies and practices leading to a highly visible, high-impact program that is recognized and valued by our associates and executives.
• Develop creative methods for aligning IT Security, physical security and Cyber-Security practices to increase value for DSW.
• Act as a senior member of the IT Leadership team capable of driving shared vision, leadership, leadership team development and capable of broadly representing IT Strategies and security principles with DSW’s executives and associates.
• In cooperation with the CIO, direct the develop, design and implementation of an innovative and effective strategy and security processes, to protect our valuable technology assets from harm or loss.
• Develops, maintains and delivers upon credible execution plans to implement the security strategy.
• Directs staff in identifying, developing, implementing, and maintaining security standards, processes, controls, practices, procedures, and policies throughout the organization.
• Researches and deploys technology solutions and innovative security and management techniques to safeguard the organization’s assets, including intellectual property.
• Develop associate and executive protection plans driving delivery through creative education, communication and direct engagement.
• Improve the security of DSW’s information infrastructure and minimize the threat of damage resulting from intrusions
Required Skills and Competencies:
• Ensures all companies within DSW Inc’s compliance with regulatory and standard agencies (ISO, Sarbanes-Oxley, PCI, etc.) as it applies to our Company.
• Oversight of the Information Security Management System and security forum steering committee
• Oversees, develops, educates and communicates security requirements and procedures to all personnel
• Directs the development of policies to ensure a secure operational environment for the connectivity and data repository of the DSW customer base for all hosted data centers
• Provide an effective response to DSW customers for computer security incidents or concerns
• Author security and disaster-related documentation within Hosting Operations including: Disaster Recovery Plan, Business Continuity Plan, security standards, and security policies
• Directs the support of internal IT and Hosting Operations in response to Security related incidents
• Act as a liaison to local and federal authorities in the event of discovered criminal activity
• Provide expertise in defining and improving the security of DSW products via interaction with R&D
Qualifications
Experience:
• 15+ years of IT experience and a minimum of 10 years of management experience, preferably in security
• CISSP, CISM, GIAC certifications highly desirable
• Expert understanding of the SDLC (Software Development Life Cycle) process.
• Strong analytical, documentation, and communication skills
• Strong understanding of IDS & IPS technologies
• Strong understanding of Windows event log analysis
• Experience with enterprise information security data management tools and log analysis
• Excellent communication, collaboration, and teaming skills; skills and experience in executive level communication and presentations
• Must possess planning, organizational, and motivational skills, able to write clearly and succinctly in technical and non-technical formats.
• Comprehensive knowledge of business principles and techniques of administration, organization, and management including knowledge of strategic and operational planning, economics, personnel administration, marketing, financial and cost analysis, and general industry trends.
• Strong leadership skills with a preference for managing an IT governance process for overall business benefit Ability to speak both extemporaneously and in formal settings.
• Experience in root cause analysis, industry bench-marking, survey evaluation and data interpretation
• Have the ability to apply logic and reason to solve complex problems.
• Able to infuse innovation and creativity to strategic plans.
• Possess knowledge in the area of emergency/disaster management, physical security, critical incident stress management, risk management and business resiliency
• Strong analytical, critical thinking and problem solving skills.
• Ability to establish and maintain cross-functional and positive working relationships
Education:
Bachelors Degree in Computer Science of related field