Director, IT Security
About Green Thumb Industries:
Green Thumb Industries (GTI), a national cannabis consumer packaged goods company and retailer, is dedicated to providing dignified access to cannabis while giving back to the communities in which they serve. GTI manufactures and distributes a portfolio of branded cannabis products including Rythm, Dogwalkers, The Feel Collection, incredibles and Beboe, among others. The company also owns and operates rapidly growing national retail cannabis stores called Rise™ and Essence. Headquartered in Chicago, Illinois, GTI has 13 manufacturing facilities, licenses for 95 retail locations and operations across 12 U.S. markets. Established in 2014, GTI employs approximately 1,400 people and serves thousands of patients and customers each year. GTI was named a Best Workplace 2018 by Crain’s Chicago Business. More information is available at GTIgrows.com.
The Director, IT Security leads security services ensuring that all organization security requirements are met. It includes managing the Data Protection program, ensuring effective data loss prevention activities across various systems, applications, third parties and network security. This position requires a steadfast execution mindset, exceptional communication and collaboration skills and the ability to collaborate in a demanding environment while maintaining a composed, professional demeanor. A high degree of ownership, initiative, interaction and teamwork is required to be effective in the role. As this is a leadership role you will be counted on to be the example for the team to follow.
- Drive the enterprise wide Data Protection and Data Loss Prevention roadmap with a focus on safeguarding protected and sensitive customer data. Work closely with different departments to drive modifications to organization behavior policies and standards, procedures, metrics, processes, and related tools.
- Lead daily security operations for all on-premise, hosted, and cloud infrastructure, storage, systems, networks and application security
- Oversee operational security for patching and remediation of vulnerabilities
- Standardize and administrate end-user computing protection services
- Develop security operations playbook to provide detailed practices required for operational excellence and ensure service delivery adheres to documented standards
- Develop strategies and plans to adapt security operations to enable digital business requirements
- Oversee operational onboarding of major changes to the IT security operations environment
- Lead the creation and delivery of formal measures for infrastructure security health and performance
- Perform oversight of internal teams and managed service providers that support IT security operations
- Drive a Data Protection and Loss Prevention culture to safeguard organizational data throughout the company. Champion the education and training of stakeholders and end users about GTI Security and Data policies. Collaborate with stakeholders and partner teams on the planning, implementation, and roll-out of associated programs and solutions.
- Establish and maintain collaborative relationships with business partners, including senior leadership teams, in order to propose and formulate solutions to meet the business needs and to drive efficiency and business value
- Sponsors strategic sourcing initiatives required to mature IT security operations services
- Rigorously assess and develop talent to enable succession and build bench strength
- Lead organizational changes that enhances the company's ability to accelerate growth
- Develop program plans that contribute to the development, implementation and sustainment of the Data Protection Roadmap and provide actionable insights for business strategies and performance. Consistently and prudently manage program finances as per established standards to ensure action plans have approved funding and do not exceed program budget.
- Other projects or duties as assigned.
- Bachelor's degree in Computer Science, Engineering, Information Management or a related field
- 8+ years of demonstrated experience managing on-premise or outsourced IT security operations including application, network and Consumer Data Protection or Data Loss Prevention programs
- Experience implementing and operating cybersecurity tools and processes
- Experience mplementing projects and programs related to Information Security, Privacy and/or Data
- Demonstrated leadership building and managing a high-performing team
- Experience directly managing budgets with ability to develop complex business cases
- Experience leading a security operations center in a multiple business unit environment
- Solid knowledge of ITIL practices and demonstrated experience increasing ITIL capability
- Demonstrated ability to analyze and synthesize large amounts of consumer data into actionable insights
- Exceptional organization and planning skills and process-driven thinking
- Self-starter, creative, enthusiastic, innovative and collaborative outlook.
At GTI we believe that our corporate community should be a reflection of the communities we serve. We are dedicated to fostering an inclusive culture that celebrates diversity across race, sex, age, gender identity, sexual orientation, disability, nationality, religion, experience, and thought—not only because it is right, but because it makes us better. Our mission—the right to wellness—informs our commitment to champion economic opportunities in communities disproportionately affected by the war on drugs through employment and community involvement. GTI is proud to be an equal opportunity workplace.
We can't wait to meet you.
Read Full Job Description