Information Security Manager at FTD
Manager, Information Security - Downers Grove, Illinois
FTD Companies, we continually evolve the business by promoting a culture where solutions from the technology group help transform our business through customer-meaningful solutions, innovative technologies, and business-impacting projects.
This highly crucial Manager, Information Security & IT Service Center position is responsible for all IT security and related compliance efforts within our multi-brand $1B+ E-Commerce company. We're actively searching for a top-level Manager to join newly built teams at FTD Companies who will be tasked with creating an entirely new state-of-the-art platform and architecture from scratch.
What You Will Contribute:
- You work closely with the technology teams to ensure systems are secure upon implementation; includes personal computing devices and storage.
- You lead the work to assemble required quarterly reporting, including external and internal vulnerability scans, wireless scans, access control documentation. Work with others in IT and Internal Audit to check compliance for security and other regulatory measures. Track to defined SLAs and provide reporting against those SLAs.
- You'll lead periodic testing of our Security Incident Response Plan.
- You provide leadership and strategic direction for the function, ranging from planning and budgeting to motivational and promotional activities expounding the value of information security. Provides exceptional guidance conveying a sense of urgency and a passion for delivering world-class customer service.
- You'll recognize problems by identifying abnormalities and report violations appropriately. Addresses complicated issues that our Tech Service Center technicians cannot resolve.
- You are the liaison with and offers strategic direction to related governance functions (Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers as necessary, on info security matters such as routine security activities plus emerging security risks and control technologies
- You'll form a "center of excellence" for Info Sec management, for example offering internal management consultancy advice and practical assistance on risk and control matters throughout the organization and promoting the commercial advantages of managing information security risks more efficiently and effectively
- You lead or commission the preparation of necessary information security policies, standards, procedures, and guidelines, in conjunction with the Security Committee
- You champion the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations
- You pioneer suitable information security awareness, training, and educational activities. Such as training for the company as a whole and training on secure coding methodologies such as OWASP for the application development teams.
- You guide IT risk assessments activities.
- You remain current on information security topics and trends.
- You own and participate in the evolution of our disaster recovery and business continuity program.
- You review technology contracts to ensure that data and network security aspects are adequately addressed. Additionally, review the system and application specifications and makes recommendations for security enhancements.
What we seek:
Is a phenomenal Manager with the ability and interest in working on a broad variety of different projects and technologies who loves to security, is excited about building things and is passionate about robust software design? These are what we are looking for
- You will need a bachelor of Science degree in computer science or related information security field.
- You require 5-10 years of full-time work experience in information security management and related functions (such as IT audit and IT Risk Management).
- You having management qualifications such as CISSP or CISM is highly preferred.
- We want 5+ years of experiences with complex system environments (e.g., directory services, email, VPNs, heterogeneous desktop and mobile operations system, Windows 7, Outlook 2003/2010, Blackberry, iPhone, and iPad/mobile devices.
- Experience with Wi-Fi, Enterprise Anti-Virus solutions, software distribution tools, and problem tracking software.
- We need someone with current knowledge of federal, state privacy and security laws and regulations, such as GDPR, Privacy Shield, and The California Consumer Privacy Act of 2018.
- You are absolutely trustworthy with high standards of personal integrity and are a detailed, logical thinker with knowledge of technical infrastructure security components and integrate computerized rules-based systems.
- Demonstrated track record of communicating security-related concepts to a wide variety of technical and non-technical staff.
- We want someone with experience with Wi-Fi, Enterprise Anti-Virus solutions, software distribution tools, and problem tracking software
- We desire you to be well versed in PCI DSS compliance, ISO 27001, 27002 standards, and the Cloud Security Alliance Cloud Controls Matrix
- You possess the prowess to motivate a team to adhere to IT practices and deliver outstanding customer service and satisfaction to employees.
- Keep up to date on new and evolving security technologies and services available in the market and on cybersecurity threat trends and intelligence
- Do you have the ability to work and communicate with coworkers under pressure?
- Would you enjoy working at a strong customer-service orientated company?
- Are you independent-minded and able to communicate complicated issues with strong written and oral communication skills?
- Please be able to learn, understand, and apply new technologies.
What we offer:
A phenomenal Manager, Information Security opportunity to be a part of a team that builds and evolves high performance, scalable order processing systems handling large transactional volumes. We encourage and welcome out of the box ideas in all areas like artificial intelligence, data processing and information retrieval, voice capabilities, automation, computer vision, and other ideas welcome. We much enjoy all the benefits of working for a digital E-Commerce Company (flexible hours, a healthy vacation plan, summer hours) in a relaxed work environment.
We strongly embrace the definition of a "flat" organization where you will spend time with business leaders, managers, developers, product management and executive leadership. There are job opportunities, and then there are career opportunities... Let us provide you with a career where you look forward to Mondays. Careers that have a positive impact and offer you a future as we change, grow, expand and explore new and exciting experiences for our global customer base.