Summary for the IT Director, Information Security Engineering
Responsible for leading the Host & Identity & Access Management (IAM) Security Engineering teams. The Security Engineering team is responsible for the business of security which range from technology roadmaps, vendor/budget management as well as administering all security services including executing enhancements, upgrades, and troubleshooting.
The Director role provides the leadership required to resource and execute the implementation of solutions to address current and future security needs across the enterprise to protect the business. Serve as internal business consultant in the support of evolving the company's Host & IAM security capabilities and services. Highly visible role with IT executives and directly interface with the business community.
Responsibilities of the IT Director, Information Security Engineering
• Expertise around industry best practices in the various aspects of IT and Security, trends, retail knowledge and ability to implement solutions to enable key business strategies. Proven track record and ability to balance desired capabilities end-state within program/environment constraints and with a pragmatic lens.
• Lead & mentor a team of engineering resources to drive the execution of the technology roadmap, optimize existing security capabilities, and ensure stability of solutions to continue protecting the business.
• Lead the team to ensure a current roadmap and strategy exists for each service in production as well as gaps in security that need to be remediated
• Lead the team to ensure the Security Operations/Application Management teams are effectively executing day-to-day procedures to maintain the environment
• Lead the team to ensure all production services are fully identified, documented and regularly cared for (ie. patching, certificate updates, middle-ware updates)
• Lead the team to remediate known security vulnerabilities and/or stability risks
• Provide direction for program management activities requiring budgeting and resourcing input across all IT teams
• Help influence and set strategic direction for the company. Work with business and IT owners to help define, develop and maintain strategic and tactical programs and plans
• Work closely with the Security Engineering (Host Security & Identity & Access Management) team and set the direction for improving security functionalities of existing infrastructure.
• Engage the extended Architecture, Engineering, and Application teams through the delivery processes and procedures
• Ensure the security infrastructure availability - disaster recovery
• Ensure security infrastructure is achieving defined security objectives
• Own and administer the Information Security Host & IAM directional resource plan, factoring in the dynamic demands on the team, team limitations and priorities in partnership with CISO, Chief Security Architect, iGRC & Cyber Defense teams
• Own and administer the Information Security Host & IAM expense and capital budget, and 5-year plan
• Stay current with retail and security technology industry trends and lead the adoption of strategic technologies across all IT stakeholders
Qualifications for the IT Director, Information Security Engineering
• Undergraduate degree in information security or a related technical discipline preferred
• At least 10 to 15 years of experience in Information Security with progressive responsibility and influence
• Broad knowledge of major technologies, platforms, and systems
• Demonstrated experience in delivering enterprise-wide solutions
• Experience managing team members with multiple levels of seniority/management
• Experience managing service providers/integrators, including offshore services
• Strong analytical ability, judgment and problem analysis techniques
• Strong communication skills both written and verbal and able to effectively operate with VP and above executives
• Strong interpersonal skills with the ability to work effectively in a matrixed organization
• Ability to work with teams that are geographically distributed
• Demonstrated ability to execute financial analysis, such as TCO models and ROI
• Technically competent; able to supervise and inspire other senior technologists
• Some travel may be required
Preferred skills for the IT Director, Information Security Engineering
• Experience with cyber defense (SOC), incident response, and disaster recovery activities
• Working knowledge of risk management, IT compliance (PCI, SOX), and security governance
• Experience with project/program management tools, budgeting/forecasting, and resource/demand management
• Some professional services / consulting experience
• Graduate degree
Manager – Host Security Engineering
Manager – IAM Security Engineering
Comprehensive benefits package plus bonuses
When applying, please note that you saw the job posted on the NOVA Job Board. If you need help with your resumé, please see a NOVA Career Advisor.