Director of Information Security Governance and Risk Management

Company: Southern Glazer's Wine and Spirits, LLC
Location: Miramar
Posted on: May 3, 2021

Job Description:

Responsibilities

Apply Now Apply Now Apply Later

Job ID MIR00001764 Date posted 11/06/2020

Job Description

Overview

The Director of Information Security Governance and Risk Management is responsible for establishing and maintaining the Enterprise Information Security Governance and Risk Management program to ensure information assets and technologies are adequately protected. The director leads staff in identifying, developing, implementing, and maintaining policies and standards across the enterprise to reduce information and information technology (IT) risks. Develops and maintains a comprehensive security awareness and training program and identifies, tracks and oversees the remediation of security vulnerabilities and risks to the organization.

Duties and Responsibilities

• Work with business partners to ensure security compliance of technical solutions
• Develop, publish, and deploy information security policies and procedures for the enterprise, including network, platform, and endpoint security; access management; and threat prevention, detection, and response
• Partner with the enterprise architecture team and other key IT leaders to create, publish, and continuously improve the information security architecture for the enterprise
• Develop and maintain a Risk Register to log and rate security risks. Use the Risk Register to guide prioritization of projects and deployment roadmap
• Socialize and implement the organization's information security policies, standards, and procedures and disaster recovery policies and procedures and monitor compliance.
• Coordinate information security compliance activities
• Develop and deploy security governance. Partner with the Program Management Office to integrate with other governance procedures as needed.
• Develop strategic partnerships in the Wine and Spirits industry, including information security leaders within SGWS's suppliers
• Monitor compliance with the enterprise information security policies, standards, and procedures among employees, contractors, alliances, and other third parties.
• Perform information security risk analysis and periodic information system activity audits / reviews for information security processes
• Initiate, facilitate, and promote activities and training to foster information security awareness across the full Southern Glazer's enterprise
• Stay current on changes in legislation, accreditation standards, and threats that affect information security
• Recruit, hire, train and develop high performing information security team.
• Effectively administer performance management systems and reviews
• Develop a full Governance and Risk Management program to protect our business, including current situation assessment, proposed future state, and multi-year deployment roadmap.
• Design and implement security standards to support the data security needs of systems being developed

Qualifications

Minimum Qualifications

• Bachelor's degree in related field or equivalent experience
• 10 or more years of work experience in IT with a broad range of exposure to different platforms and technologies
• 7 or more years of experience with enterprise information security
• 5 or more years in an information security leadership role
• Strong track record of successful appointments in similar roles within IT
• History of strong client support through technology management
• Experience managing technology teams
• Successful track record with managing offshore/onshore resources
• Expertise in leading and developing successful teams
• Relevant industry experience
• Technical background with project management
• Experience with managing an information security program
• Financial budget management experience
• Experience directing a team of information security, security managers, security analysts, security engineers, security administrator and matrix management of technology risk managers
• Strong balance of business acumen and technology knowledge
• Good verbal/written communication skills
• Self-starter / motivated
• Strong attention to detail
• Strong team player who can work across multiple functions and lead peers

Preferred Qualifications

• Master's degree
• Experience with GRC tools
• Certified Information Systems Auditor (CISA) and/or Certified Information Security Manager (CISM) certification
• Experience in food and beverage, CPG or distribution industry

Physical Demands

• Physical demands with activity or condition for a considerable amount of time include sitting and typing/keyboarding using a computer (e.g., keyboard, mouse, and monitor) or adding machine
• Physical demands with activity or condition may include occasional to rare amount of time include walking, bending, reaching, standing, and stooping
• May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs

Southern Glazer's Wine and Spirits provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Keywords: Southern Glazer's Wine and Spirits, LLC, Hollywood , Director of Information Security Governance and Risk Management, Other , Miramar, Florida