Director - IT Security

Job ID
Information Technology


This position plans and administers all data security measures related to IT Policies/Framework, Enterprise Risk Management, Security Architecture, Internal Audit, Regulatory and Compliance including privacy, Disaster Recovery and Business Continuity efforts.


  • Develop, implement and maintain security policies, procedures and associated plans for security administration and appropriate use.
  • Position will have direct responsibility for all SOX and PCI security deliverables.
  • Establish, document, and distribute security incident response and escalation procedures to ensure timely and effective handling of all situations.
  • Conduct research on emerging security products, services, protocols, and standards in support of systems software procurement and development efforts.
  • Establishes all security measures in support of disaster recovery efforts.
  • Analyze network traffic patterns, system logs, and audit files for compliance with security polices on all systems including an IBM iSeries (AS/400).
  • Monitor, distribute and analyze security alerts and information.
  • Monitor Intrusion events and report these incidents
  • Research new vulnerabilities and malicious software, reviewing the company’s potential exposure to each.
  • Perform vulnerability testing and analysis on all network assets and applications/projects
  • Analyze access control requests, making informed decisions about appropriate access.
  • Ability to identify, develop and ensure maintenance of security reporting metrics to support key decision makers
  • Perform routine network, server, data base and end user security audits.
  • Projects may involve having to work during non-business hours (weekends, holidays, etc.). Must carry Blackberry for off-hour support.
  • Handle daily security related tasks, as well as projects as they are assigned.
  • Recruit, develop and train Security Administrator(s) and/or vendors for network, application and database security. 


  • Bachelor’s Degree in Computer Science or Business Administration
  • Five+ years' experience in hands-on security administration, preferably in the Retail industry
  • Prior managerial/supervisor experience
  • CISSP certification is preferred
  • Payment Card Industry (PCI) and SOX experience required
  • Experience with Cisco network gear: IOS, IDS, CSA, MARS is a plus
  • Experience with third party tools to manage and audit the AS/400 security implementation
  • Strong familiarity with DNS and TCP/IP networking
  • Prior retail experience preferred
  • High degree of proficiency in MS Office Suite, Outlook & Internet applications
  • Strong analytical, prioritizing, interpersonal, problem-solving, and presentation skills
  • Ability to operate independently while establishing strong working relationships with co-workers and cross-functional teams
  • Ability to work with and influence senior management 
  • Strong, professional and effective verbal and written communication skills
  • Ability to foster a positive and motivating work environment, encouraging feedback and innovation
  • Self-motivated with critical attention to detail and deadlines
  • Ability to adapt well to change in direction and priority in a fast- paced and deadline-oriented environment


  • Results Orientation: demonstrates the ability to consistently deliver business results by meeting deadlines and achieving goals
  • Communication: effectively conveys information and ideas in concise and meaningful exchanges through written and verbal communication
  • Teambuilding/Teamwork: effectively develops relationships and facilitates constructive resolution of conflict while encouraging trust, cooperation, collaboration and information sharing among individuals
  • Leadership: demonstrates understanding of organizational issues and opportunities; engages in problem solving, makes sound decisions, and exercises influence at all levels to develop appropriate solutions and deliver optimum results
  • Business Acumen: demonstrates financial and operational understanding of organizational strategies and applies knowledge to business situations


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed