This job has expired, please see additional jobs below
Director of IT Security
Belk
Charlotte, NC, United States
Job Details - this job has expired, please see similar jobs below
The Director, IT Security reports to our VP, IT Security & Infrastructure and is a strong, highly visible leader responsible for leading IT Security, Compliance, Incident Response, Disaster Recovery, and Business Continuity for the Belk Enterprise.
The Director provides senior leadership and direction for all related work efforts of Belk’s internal and outsourced security and compliance groups to build a culture of excellence based on leading by example, driving continuous improvement, ensuring security, compliance, and recoverability, and maintaining a relentless focus on risk management.
The Director will have responsibility for the ongoing development and management of all business continuity program processes and initiatives, including business continuity planning, technology disaster recovery planning, and crisis management planning. Responsibilities include coordinating and facilitating the design, development, maintenance, and exercising (testing) of recovery plans and supporting recovery capabilities for Belk's critical functional areas (including headquarters and distribution centers) to ensure an integrated approach for business continuity management across the corporation.
The Director will also have responsibility for the ongoing development and management of all security and compliance program processes and initiatives including: threat and vulnerability management; data classification and loss prevention; identity and access management; PCI and SOX compliance; awareness activities and incident response.
• Communication – Communicate effectively and appropriately with both technical and non-technical audiences. Ensure transparency and well-planned communication.
• Audit and Compliance – Own, operate, and continuously improve Belk’s IT Compliance Program. Ensure both compliance and security through effective processes, controls, and assessments.
• Security – Ensure security and compliance of all company compute assets and environments. Ensure that risks are evaluated and minimized on an ongoing basis, and that security posture evolves as necessary to protect the enterprise.
• Disaster Recovery – Work with architecture group to ensure that compute environments are designed and built to provide the required replication / recovery capabilities by tier of application. Document, test and refine replication, failover, and DR processes.
• Business Continuity – Work with key business stakeholders to ensure Business Continuity planning and testing. Ensure company readiness for partial or full disaster at any technology site.
• Process Improvement – Ensures constant improvement of Security, BCP, and related processes. Creates and maintains focus on measurement and constant improvement of all core processes.
• Perform overall risk analysis for the company to identify points of vulnerability and recommend disruption avoidance and reduction strategies. Provide guidance to and coordinate the efforts of Belk management in the development of procedures, policies and strategies to mitigate risk for critical Belk functional areas.
• Provide guidance to and coordinate the efforts of Belk's management in the development of recovery strategies and recovery procedures for critical business functions to follow during a disruption.
• Establish a business continuity management testing process for Belk; plan and coordinate the testing of recovery plans across the corporation.
• Establish awareness programs and conduct training to educate managers and staff of the importance of the information security and business continuity management program.
• Enforce policies, standards and processes for information security and business continuity.
• Implement and support Identity and Access Management processes and tools for Belk.
• Maintain, monitor, test, assess and remediate SOX and PCI controls to assure compliance with stated and required objectives.
• Develop roadmaps, strategies and project lists to achieve BCP and IT Security objectives. Manage these projects to achieve these objectives on time and on budget.
• Bachelor’s Degree in Information Systems, Business Administration, Computer Science or other relative Technical Degree (equivalent work experience will be considered in lieu of degree)
• At least 10 years experience working in an IT department
• At least 5 years experience in a Security Senior Leadership Role
• Experience developing strategic and tactical plans to meet Security and BCP strategies, goals and objectives
• Experience managing both insourced teams and outsourced teams, or contract teams to deliver secure and compliant environments
• Experience analyzing, designing, implementing and measuring the effectiveness of process improvement activities
• Ability to act quickly in a crisis situation to make decisions and keep key constituents informed of the situation
• Proficient in the use of Microsoft Office Products: Word, PowerPoint, Excel and Project
• Excellent verbal and written communication and presentation skills