Designer Brands · 3 days ago
Director, IT Security & Compliance
Consumer Goods · Fashion
H1B Sponsorship
Responsibilities
Develop, mature, and implement a comprehensive IT security and cybersecurity strategy aligned with the company's business objectives and industry best practices. Continuously assess and update the strategy to address emerging cyber threats and vulnerabilities.
Oversee day-to-day security operations, including monitoring, detection, and response to cyber threats and security incidents. Implement advanced threat detection tools and technologies to proactively identify and mitigate cyber threats.
Lead efforts to conduct comprehensive cyber threat assessments, including identifying potential threat actors, their motives, and tactics, techniques, and procedures (TTPs). Utilize threat intelligence sources and tools to enhance threat visibility and situational awareness.
Direct staff in identifying, developing, implementing, and maintaining security standards, processes, controls, practices, procedures, and policies throughout the organization.
Research and deploy technology solutions and innovative security and management techniques to safeguard the organization’s assets, including intellectual property.
Develop and manage the security department’s budget, ensuring cost-effective use of resources.
Provide oversight of the Business Information Security Committee and the security forum steering committee.
Lead proactive measures to deter cyber threats and attacks. Collaborate with internal teams and external partners to develop and deploy effective threat deterrent strategies.
Identify, assess, and prioritize security risks and vulnerabilities across the organization's IT infrastructure, applications, and systems, with a specific focus on cyber threats. Develop and implement risk mitigation strategies to safeguard against potential cyber-attacks and data breaches.
Ensure compliance with relevant regulatory requirements, industry standards, and internal policies related to IT security and data protection. Conduct regular compliance assessments and audits to validate adherence to appropriate regulatory requirements.
Partner with the Internal Audit team to ensure compliance with regulatory and standards agencies (ISO, Sarbanes-Oxley, PCI, etc.) as it applies to DBI.
Develop and maintain incident response plans and procedures to effectively respond to cyber security incidents and data breaches. Conduct regular tabletop exercises and simulations to test the effectiveness of incident response plans.
Develop and deliver cybersecurity awareness training programs for associates to educate them about common cyber threats, phishing attacks, and best practices for safeguarding sensitive information. Foster a culture of cybersecurity awareness throughout the organization.
Partner with appropriate business owners to author security and disaster-related documentation within all hosting operations including Disaster Recovery Plan, Business Continuity Plan, security standards, and security policies.
Evaluate the security posture of third-party vendors and service providers to assess their ability to protect the organization's data and systems from cyber threats. Establish contractual requirements and security controls to mitigate third-party risks.
Work closely with IT architecture and engineering teams to integrate security controls and measures into the design and implementation of IT systems and applications. Conduct security reviews and assessments of new technologies and solutions.
Coordinate with the Network Engineering team on technical security of the network infrastructure.
Evangelize new security features across the DBI enterprise.
In partnership with the internal legal team, provide liaison with local and federal authorities in the event of discovered criminal activity.
Qualification
Required
In-depth knowledge of cybersecurity principles, practices, and technologies, including threat intelligence, intrusion detection, and security incident response.
Experience developing and implementing IT security and cybersecurity strategies, policies, and procedures.
Strong understanding of cybersecurity frameworks and compliance requirements, such as NIST Cybersecurity Framework, ISO 27001, GDPR, and PCI DSS.
Excellent leadership, communication, and interpersonal skills.
Ability to collaborate effectively with cross-functional teams and senior executives.
Minimum of 8-10 years of experience in IT security, with at least 5 years in a leadership role, with a focus on cybersecurity.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or equivalent certifications.
Preferred
Experience working in the retail industry or a similar fast-paced environment is a plus.
Company
Designer Brands
Designer Brands is a retail company that designs and produces a variety of footwear and accessories.
H1B Sponsorship
Designer Brands has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (3)
2022 (1)
2021 (11)
2020 (8)
Funding
Current Stage: Early Stage
Total Funding: $0M
2022-06-01 · Angel · $0M
Company data provided by Crunchbase