The Role

The Director, IT Security leads security services ensuring that all organization security requirements are met. It includes managing the Data Protection program, ensuring effective data loss prevention activities across various systems, applications, third parties and network security. This position requires a steadfast execution mindset, exceptional communication and collaboration skills and the ability to collaborate in a demanding environment while maintaining a composed, professional demeanor. A high degree of ownership, initiative, interaction and teamwork is required to be effective in the role. As this is a leadership role you will be counted on to be the example for the team to follow.

Responsibilities

Strategic/Managerial

• Leads the implementation of security policies, procedures, and best practices.
• Leads the implementation of security standards and guidelines such as ISO/IEC 277001, CIS benchmarks, Cobit, and NIST.
• Work closely with different departments to drive modifications to organization behavior policies and standards, procedures, metrics, processes, and related tools.
• Develop security operations playbook to provide detailed practices required for operational excellence and ensure service delivery adheres to documented standards
• Develop strategies and plans to adapt security operations to enable digital business requirements
• Perform oversight of internal teams and managed service providers that support IT security operations
• Establish and maintain collaborative relationships with business partners, including senior leadership teams, in order to propose and formulate solutions to meet the business needs and to drive efficiency and business value
• Sponsors strategic sourcing initiatives required to mature IT security operations services
• Rigorously assess and develop talent to enable succession and build bench strength
• Lead organizational changes that enhances the company's ability to accelerate growth
• Develop program plans that contribute to the development, implementation and sustainment of the Data Protection Roadmap and provide actionable insights for business strategies and performance.

Legal and Compliance

• Drive the enterprise wide Data Protection and Data Loss Prevention roadmap with a focus on safeguarding protected and sensitive customer data.
• Drive a Data Protection and Loss Prevention culture to safeguard organizational data throughout the company.
• Provide oversight and guidance for SOX, HIPAA, and other regulatory compliance initiatives.
• Oversee internal and external auditing needs as required.

Technical

• Lead daily security operations for all on-premise, hosted, and cloud infrastructure, storage, systems, networks and application security
• Oversee operational security for patching and remediation of vulnerabilities
• Standardize and administrate end-user computing protection services
• Operate, as needed, common security, vulnerability assessment and testing tools
• Oversee operational onboarding of major changes to the IT security operations environment
• Lead the creation and delivery of formal measures for infrastructure security health and performance
• Develop security operations playbook to provide detailed practices required for operational excellence and ensure service delivery adheres to documented standards

General

• Consistently and prudently manage program finances as per established standards to ensure action plans have approved funding and do not exceed program budget.
• Implement and adhere to project management principles and reporting.
• Partner with IT Operations, IT Support, and other areas of IT in a service management model to ensure mature execution of IT services.
• Other projects or duties as assigned.

Qualifications

• Bachelor's degree in Computer Science, Information Security, Information Management or a related field
• 8+ years of demonstrated experience managing on-premise or outsourced IT security operations including application, network and Consumer Data Protection or Data Loss Prevention programs
• Experience implementing and operating cybersecurity tools and processes
• Experience implementing projects and programs related to Information Security, Privacy and/or Data
• Demonstrated leadership building and managing a high-performing team
• Experience directly managing budgets with ability to develop complex business cases
• Experience leading a security operations center in a multiple business unit environment
• Solid knowledge of ITIL practices and demonstrated experience increasing ITIL capability
• Exceptional organization and planning skills and process-driven thinking
• Self-starter, creative, enthusiastic, innovative and collaborative outlook.
• Highly motivated, self-directed, innovative and able to work independently or among teams with keen judgement, common sense and resourcefulness
• Adapts and thrives in a demanding, fast-paced environment
• Possesses a high level of critical thinking
• Operates with a high level of professionalism and integrity, including dealing with confidential information
• Must understand and comply with the rules, regulations, policies, and procedures of Green Thumb
• Must have a solid understanding of the Cannabis laws, rules and regulations and passion to further their understanding and knowledge of the industry and the laws.

Additional Requirements

• Must pass any and all required background checks
• Must be and remain compliant with all legal or company regulations for working in the industry