As America's oldest clothing retailer, Brooks Brothers has a long history of creating long-term relationships with both our Customers and our Associates. With more than 260 stores throughout the United States and Canada and more than 200 locations abroad, we continue to grow the brand with a respect for our heritage and a vision for the future.
The diversity of our operations has recently created an opportunity for a Sr. Director Security Compliance Data Privacy located at our Enfield, CT location. This critical and highly visible role is responsible for information security, compliance, and data privacy governance and strategic direction, and is the most senior level Information Security role, reporting directly to the CIO. This role oversees Information Technology (IT) security policies, standards and environments consistent with IT roadmaps, enterprise architecture, and IT strategy, also leading IT security risk management and data privacy activities. You will determine regulatory requirements and standards and develop compliance and enforcement policies. You will also prioritize technology and business risks based on business exposure and construct an overall strategy to mitigate them. This is a senior leadership role that will oversee associates, contractors, and vendors who safeguard the company’s technology assets, intellectual property and computer systems. You will collaborate and partner with the organization to maintain a balance between security control compliance, usability and functionality.
Direct day-to-day activities will be focused in 4 main areas: Security Engineering, Security Operations, Incident Response, and Privacy & Compliance (PCI, PII, NIST, GDPR, CDPA, etc.).
Ensure the correct functionality and coverage of the security solution set required to meet compliance needs and align with the organization’s risk posture and security roadmap
Facilitate the smooth execution of the Privacy program, removing obstacles to success and leading the efforts to further integrate the program within the overall execution of IT and business solutions
Generate appropriate risk-based analysis for the Executive Information Security Council
Be the initial point of escalation for security incidents that cannot be resolved by the incident manager and associated team
Review all contracts for alignment with data protection and privacy requirements
Operate as the Security Architect for all projects
In conjunction with the Director of the Project Management Office, continue to align security needs with the SDLC
In partnership with the Director, Infrastructure & Operations, ensure that system and endpoint patches are applied in alignment with risk-based indicators and that vulnerabilities are promptly mitigated
Preferred Experience & Skills:
CISSP, or 10+ years of experience in Information Security
Expert level knowledge of information security
Must be self-taught and externally focused to keep up with ever-changing guidelines
Provide leadership and direction for Information Security monitoring mechanisms used to identify threats to the organization’s information assets and information system resources
Advise executive management (via the Quarterly Security Council) by identifying critical security issues and providing assessments on the effectiveness of existing security controls and procedures. Make recommendations for the adoption of new controls or revised procedures
Serve as the focal point for information security issues and provide awareness to the user community and their respective managers. Promote general Information Security awareness by delivering training and education on security issues as needed
Manage the creation and production of timely, accurate, and informative security metrics relating to information security threats, including cyber threats
Manage and develop staff required to perform the responsibilities of the function
Experience defining and implementing IT and Enterprise Architecture strategies.
Project management experience, including management of full lifecycle implementations.
Experience with business continuity planning, data privacy, IT audit, risk management, security operations, and managed security services.
Experience with regulatory requirements and standards frameworks.
Ability to communicate ideas and data both verbally and in writing in a persuasive and appropriate manner.
Ability to utilize data collection, analysis, maintenance application and refinement methods to make fact-based decisions.
Ability to set priorities, develop workflow processes and manage staff, including assessing strengths and weaknesses and establishing development plans.
Experience working in the Retail sector and PCI highly preferred (but not required).
Bachelor's Degree in Information Systems or related field
The Brooks Brothers culture is rooted in our values of relationships, innovation, history, fairness and celebration and our vision to be the premier lifestyle destination for ladies and gentlemen for every generation. We are proud to offer our Associates a fulfilling work environment, unique and special benefits and a wide range of opportunities for personal and professional development.
Additionally, Brooks Brothers offers competitive compensation, excellent benefits and a positive work environment designed around the philosophy of mutual respect and the challenge of contributing to the continued success of our organization.
We invite you to submit your resume for immediate consideration.