Director, Cybersecurity, Privacy, and Risk

Amb group

Job Description
At PGA TOUR Superstore, we're always looking for enthusiastic, self-motivated, flexible individuals who will share a passion for helping transform our business. As the fastest growing specialty retailers, we're dedicated to hiring selfless team players from different backgrounds to influence the growth of our organization. Position SummaryThe Director of Cybersecurity, Privacy & Risk is primarily responsible for providing leadership as well as operational and tactical direction to diverse teams including management, analysts, engineers, and architects. The Security Director provides strategic direction but in concert with their direct support manager. The director leads the team through the information security and privacy program by establishing highly effective policies, corporate protocols, and the appropriate collaboration with various teams across PGA Tour Super Store (PGATSS). In addition, this leader assumes responsibility for the education and enforcement of those protocols and matters of compliance.The Director possesses a strong technical background and has a solid understanding of security, risk, mitigation, and technical controls. The candidate is expected to lead teams that perform technical work so must possess technical leadership qualities.This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level. The candidate must be fluent in producing presentation material to communicate to upper management / officers and requires the ability to speak confidently in front of senior leadership, corporate staff, vendors, and service providers. The Director is expected to work with their leadership to define the IT security strategy and roadmap.Because living our Core Values is at the forefront of what we do, we PUT PEOPLE FIRST by investing in our associates that take care of our Customers!Medical, Dental, Vision Benefits (Day 1 Eligibility)Wellness Programs and Incentives - Peloton Discounts, Personalized Health & Weight Management, Healthy Choice Incentives, Discounted Gym Memberships, Meal Prep Services, Healthy Pregnancy/Baby Programs, and Behavioral & Mental Health ResourcesFinancial Wellness Resources - with Transamerica25% Associate DiscountPaid Time OffPaid Child Bonding Leave401k with Employer MatchCommitted to Serving our Communities - Matching Gift Program & The First TeeCareer Growth!Essential Job DutiesAnalyzes technologies and establishes highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the company's networks and systems.Supports automation and orchestration to maximize the team's talents and reduce routine tasks.Provides direction for the security team and places a heavy emphasis on employee retention - people, first.Conducts independent verification and validation testing of the company's networks and sensitive programs through internal team resources and independent consultant engagements.Leads the team to implement secure enterprise systems and identifies issues that could compromise data integrity or security.Develops IT security programs and recommends the necessary changes to the Information Security Team to ensure the company's systems are fully compliant with all applicable regulatory requirements and privacy laws.Facilitates third-party audit reviews of internal departments.Provides periodic training to company employees on information security topics.Participates in the company's change management program.Stays abreast of the security industry threat landscape, specifically within the company's industry.Recognizes his/her personal developmental needs and is proactive in obtaining the coaching, networking, and training needed to ensure his/her continued success in the position.Creates a working environment that is conducive for two-way communication, teamwork, and learning.Recognizes the varying strengths, skills, and needs of the team and adapts his/her coaching skills to obtain the best possible results from each individual contributor.Actively recruits and leads by example to create a culture where employees want to work.Partners with other Arthur M. Blank companies to leverage their security tools, processes, procedures, and best practices that can enhance the PGATSS security program.Utilizes open communication and managerial courage to ensure the standards, expectations, and goals of the organization are respected and upheld.Acts as a change agent and drives the department and business forward using effective management, analysis, and strategic skills.Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement and introduce new technology into the organization.Assumes responsibility for other duties as required or assigned.Skills and ExperiencePreferably 10+ years of technical hands-on security experience, with at least 3-5 years in a security leadership or management role.Demonstrates strong written and oral communication skills.Understands service design and delivery concepts.Demonstrates solid organizational skills and the ability to multi-task, prioritize workload, and delegate responsibilities.Effectively manages stress in a constantly changing environment.Leverages subject matter expertise in security, privacy, risk, and compliance.Demonstrates excellent judgment and the ability to make quick decisions and think outside the box when working with complex situations.Demonstrates a high level of flexibility.Is forward thinking and possesses business acumen.Possesses a high level of integrity, trustworthiness, and confidence, and represents the company and its management team at the highest level of professionalism.Demonstrates strong analytical skills and is effective at interpreting and applying applicable regulation.Works effectively with a variety of personalities and can adapt his/her approach to effectively reach and develop his/her team. Uses this skill and functional knowledge to both earn and maintain a high level of credibility with the team and other parts of the business.Experience managing and implementing security programs based on either the ISO 27001 or NIST frameworks.Must be able to fit into the existing corporate culture which is deeply rooted in having respect for others and demonstrating great teamwork. Our company operates on the following core values: Putting People First, Listening and Responding, Including Everyone, Innovating Continuously, Leading by Example, and Giving Back to Others.Education RequirementsBachelor's degree in Cybersecurity, Computer Science, Management Information Systems (MIS), related field, or equivalent experience.Master's degree, MBA, or advanced degree in Security, Information Systems, or a Technology field is not required but highly preferred.Certification RequirementsCISSP / CISM (preferred), IAPP Privacy Certification and/or SANS certification a plusPart of the Arthur M. Blank Family of Businesses, PGA TOUR Superstore continuously strives to create a family culture for our Associates - driven by our vision to inspire people through golf and tennis. PGA TOUR Superstores is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.Other DutiesPlease note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.We comply with all laws that prohibit discrimination based on race, color, religion, sex/gender, age (40 and over), national origin, ancestry, citizenship status, physical or mental disability, veteran status, marital status, genetic information, and any other legally protected status. Employment discrimination isn't just unlawful, it violates our policies and is not who we are. Every associate at every level in the organization is prohibited from engaging in any form of discrimination.An associate who believes s/he is being discriminated against should report it immediately to the Human Resources department. The law and our policies prohibit retaliation against anyone for making such a report.