Sr. Director Security Compliance Data Privacy
Job#: 514796
Positions: 1
Posted: 10/04/2019
Job Type: Full Time
Location: Enfield, CT (Corporate Office)
Department: IT
Category: IT
Salary: Salary
Benefits: Full Benefits

Job Description

 

As America's oldest clothing retailer, Brooks Brothers has a long history of creating long-term relationships with both our Customers and our Associates. With more than 260 stores throughout the United States and Canada and more than 200 locations abroad, we continue to grow the brand with a respect for our heritage and a vision for the future.

The diversity of our operations has recently created an opportunity for a Sr. Director Security Compliance Data Privacy located at our Enfield, CT location. This critical and highly visible role is responsible for information security, compliance, and data privacy governance and strategic direction, and is the most senior-level Information Security role, reporting directly to the CIO. This role oversees Information Technology (IT) security policies, standards and environments consistent with IT roadmaps, enterprise architecture, and IT strategy, and also leads IT security risk management and data privacy activities. You will determine regulatory requirements and standards and develop compliance and enforcement policies. You will also prioritize technology and business risks based on business exposure and construct an overall strategy to mitigate them. This is a senior leadership role that will oversee associates, contractors, and vendors who safeguard the company’s technology assets, intellectual property and computer systems. You will collaborate and partner with the organization to maintain a balance between security control compliance, usability and functionality.

Accountabilities:

  • Direct day-to-day activities focused in 4 main areas: Security Engineering, Security Operations, Incident Response, and Privacy & Compliance (PCI, PII, NIST, GDPR, CDPA, etc.)
  • Ensure the correct functionality and coverage of the security solution set required to meet compliance needs and align with the organization’s risk posture and security roadmap
  • Facilitate the smooth execution of the Privacy program, removing obstacles to success and leading the efforts to further integrate the program within the overall execution of IT and business solutions
  • Generate appropriate risk-based analysis for the Executive Information Security Council
  • Be the initial point of escalation for security incidents that cannot be resolved by the incident manager and associated team
  • Review all contracts for alignment with data protection and privacy requirements 
  • Operate as the Security Architect for all projects
  • In conjunction with the Director of the Project Management Office, continue to align security needs with the SDLC
  • In partnership with the Director, Infrastructure & Operations, ensure that system and endpoint patches are applied in alignment with risk-based indicators and that vulnerabilities are promptly mitigated

 


 
Skills/Requirements

 

Preferred Experience & Skills:

  • CISSP, or 10+ years of experience in Information Security
  • Expert level knowledge of information security
  • Must be self-taught and externally focused to keep up with ever-changing guidelines
  • Provide leadership and direction for Information Security monitoring mechanisms used to identify threats to the organization’s information assets and information system resources
  • Advise executive management (via the Quarterly Security Council) by identifying critical security issues and providing assessments on the effectiveness of existing security controls and procedures. Make recommendations for the adoption of new controls or revised procedures
  • Serve as the focal point for information security issues and provide awareness to the user community and their respective managers. Promote general Information Security awareness by delivering training and education on security issues as needed
  • Manage the creation and production of timely, accurate, and informative security metrics relating to information security threats, including cyber threats
  • Manage and develop staff required to perform the responsibilities of the function

Skills:

  • Experience defining and implementing IT and Enterprise Architecture strategies.
  • Project management experience, including management of full lifecycle implementations.
  • Experience with business continuity planning, data privacy, IT audit, risk management, security operations, and managed security services.
  • Experience with regulatory requirements and standards frameworks.
  • Ability to communicate ideas and data both verbally and in writing in a persuasive and appropriate manner.
  • Ability to utilize data collection, analysis, maintenance, application and refinement methods to make fact-based decisions.
  • Ability to set priorities, develop workflow processes and manage staff, including assessing strengths and weaknesses and establishing development plans.
  • Experience working in the Retail sector and PCI highly preferred (but not required).
  • Bachelor's Degree in Information Systems or related field

 

 

The Brooks Brothers culture is rooted in our values of relationships, innovation, history, fairness and celebration and our vision to be the premier lifestyle destination for ladies and gentlemen for every generation. We are proud to offer our Associates a fulfilling work environment, unique and special benefits and a wide range of opportunities for personal and professional development.

Additionally, Brooks Brothers offers competitive compensation, excellent benefits and a positive work environment designed around the philosophy of mutual respect and the challenge of contributing to the continued success of our organization. 

We invite you to submit your resume for immediate consideration.

Best Regards,

The Talent Acquisition Team of Brooks Brothers

 
