Senior Information Security Manager

We are seeking an experienced Senior Information Security Manager to join our team. The primary purpose of this role is to manage a team focused on defining, implementing and/or maintaining processes and tools that support enterprise technology security.

This includes accountability for optimizing performance of services that span security and technology domains, including Operations, Policy, Governance and Delivery.

In addition, this role provides insight and recommendations to inform the ongoing strategy for health and care of assigned security processes and tools.

This individual manages people which includes responsibility for setting individual and team expectations, delegating assignments and managing performance, identifying talent needs, and coaching and developing team members.

With a focus specifically on Network Security Engineering, this role manages the technical aspects of developing, implementing and maintaining security infrastructure systems within various computing environments.

This role manages team(s) through all system development lifecycle phases and provides insight and recommendations to inform the ongoing strategy for health and care of assigned domain(s) and/or platform(s).

Required Skills and Qualifications:

• Bachelors Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent work or military experience in a related field)
• 10+ years IT experience with a broad range of exposure to all aspects of business/system planning, analysis, and application development
• 10+ years of experience leading project or technical teams with or without formal direct report responsibility; this includes experience providing technical direction, thought leadership, coaching and mentoring to team members
• 10+ years of experience with information security tools, concepts and practices
• Familiarity with multi-platform technology environments and their operational/security considerations
• Experience managing projects and project resources to meet goals on simultaneous/multiple projects

Preferred Qualifications:

• Master's Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field
• IT experience in the retail industry
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
• Experience in a PCI/Retail technology environment
• Leadership experience with direct report responsibility
• Experience managing in an Agile environment
• Experience leading global teams
• Experience with process management methodologies such as Six Sigma or ITIL Delivery methodologies (Agile, Scrum, SAFe)
• Broad knowledge of infrastructure (network and servers), network architecture, services and security policies
• Security Governance, Risk & Compliance
• 4 years of experience in one or more of the following fields: technical, security or privacy education/training, information security, external/internal audit, risk management (specific to Security Governance, Risk and Compliance role)
• 3 years of experience conducting or leading PCI-DSS assessments (specific to Security Governance, Risk and Compliance role)
• Network Security Engineering
• 10+years of experience in Security Engineering (specific to Security Engineering role)
• Advanced knowledge of core Information Security concepts related to security infrastructure components (specific to Security Engineering role)
• Knowledge of retail regulatory scope (PCI, SOX, etc.) (specific to Security Engineering role)
• 5 years of experience in Security Engineering (VPN, layer 4 to layer 7 firewalls, etc.) (specific to Security Engineering role)
• Security Threat & Vulnerability
• 6 years of experience in Information, Network, or Application Security (specific to Security Threat & Vulnerability role)
• Advanced knowledge of core Information Security concepts related to Threat and Vulnerability Management or Offensive security testing (specific to Security Threat & Vulnerability role)
• Knowledge of retail regulatory scope (PCI, SOX, etc.) (specific to Security Threat & Vulnerability role)