Director, Global IT Security and Data Compliance - US
With Kids II in Atlanta, GA, US
Posted on November 07, 2019
About this job
Job type: Full-time
Role: System Administrator
security, reactjs, sysadmin
At Kids II, we’re really good at what we do. And when we’re great at our jobs, we help parents be great at their jobs.
Parenting is demanding, and that’s where we come in. We want to reimagine how brands can make it easier for early-stage parents – not by just selling them products, but by providing holistic solutions that transcend borders, categories, and aisles.
No matter our title or department, at Kids II, our job is to create more tiny wins for parents, so they can create bright futures for their little ones. That’s a big task!
We’re serious about what we do, AND we love to have fun. Our team is hardworking, entrepreneurial, and passionate about helping families create millions, if not billions of tiny wins.
The Director of Global IT Security and Data Compliance plays an integral part in the development, implementation, and compliance of technical security across the company. This role is responsible for managing risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance. In addition, he/she ensures all staff members are trained in enterprise and governmental security requirements through awareness programs. This individual will be responsible for working with stakeholders, IT technical services, application owners, as well as both senior leadership and subject matter experts, to design and oversee architectural and operational designs and processes. This position is responsible for the implementation and operation of security operations, risk, and compliance from strategic initiatives. The role oversees the designs and links the business mission and IT security strategy, and documents this using multiple architectural models or views that show how the current and future needs of an organization will be met in an efficient, sustainable, agile, and adaptable manner. The position is responsible for taking architectural designs and segmenting physical and logical requirements to meet business outcomes globally, with an understanding of the regulatory and compliance requirements in the US and other countries globally.
Primary Responsibilities And Essential Functions
- Develop and implement security standards, processes and procedures, and guidelines for the enterprise
- Ensure and monitor security compliance with industry and government rules and regulations
- Implement security improvements by assessing current situations, evaluating trends, and anticipating requirements.
- Investigate and respond to security incidents, breaches, and other cybersecurity incidents.
- Management and oversight of the change review board/ architecture review board.
- Define and drive threat identification and response across the company.
- Define and drive training programs, tailored to specific teams and/or across the company.
- Development, implementation, and monitoring of enterprise-wide initiatives that reduce information security risk.
- Collaborating closely with product software development, IT, legal, audit, and compliance teams to achieve the organization's compliance with security and data privacy laws and governance standards.
- Specifies and enforces operational standards of business processes such as change control, etc.
- Communicating effectively with senior leadership and legal counsel about information security issues
- Tracking violations of privacy and security
- Proactively manage vendor resources to work through events/problems that occur within the computing environment in order to minimize end-user impact; appropriately draft and distribute communications to the IT team and affected end-users
- Understand the use and management of data in the organization and recommend controls to mitigate risks of critical data loss; coordinate with business and IT groups to implement these solutions in a timely manner
- Design, develop and implement information security architectures that support control implementation across a broad set of hardware and software systems.
- Provide technical guidance to software development and engineering teams on implementation of security best practices during development life cycles.
- Test, document, and maintain enterprise-wide Information Security solutions and coordinate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
- Coordinate, facilitate, and maintain ongoing Information Security programs including the remediation of identified vulnerabilities, security alerts, and applicable reporting metrics.
- Understand the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments
- Report security performance against established security metrics
- Ensure security complies with and meets all service level agreement requirements
- Create an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
- Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with the need
Qualifications & Experience
- 10+ Years of experience in similar roles
- Experience training security concepts to all areas of the business
- Vendor management experience
- Professional experience in running the information security office analyzing and applying information security, risk management, and privacy practices
- Extensive experience in strategic planning, budgeting, and allocation
- Consulting and general industry experience
- Knowledge of national and international regulatory compliance requirements and frameworks such as ISO, SOX, Basel II, EU DPD, HIPAA, and PCI DSS
- Expertise in information security architecture technologies and concepts: firewalls, intrusion detection, assessment tools, encryption, certificate authority, etc.
- Expertise in the field of information systems security, including areas such as identity and access management, security program policies, processes, and procedures
- Understanding of emerging technologies and their impact on security architectures: service-oriented architecture, enterprise frameworks, message-based information exchange, etc.
- Experience in law enforcement and/or national security is highly desirable
Education & Skills
- Bachelor's or master's degree in computer science, management information systems, business administration, or related discipline
- Certified Information Systems Security Professional (CISSP) a plus
- Excellent verbal and written communication skills
- Ability to react to high-pressure, dynamically changing environments
- Strong problem solving and analytical skills
We offer competitive pay, flexible hours, and generous benefits. Plus, to keep things fun (because we are all kids at heart), we offer a host of team member activities and philanthropic efforts throughout the year and company-wide awards and recognition for a job well done!
Check out our website at http://www.kidsii.com and our social media pages on LinkedIn, Facebook and Instagram for more information and open positions in the career section.
Drug-Free Workplace M/F/D/V