Sr. Director, IT Security - Modesto/Dublin, CA

Company: Cornerstone OnDemand
Location: Dublin
Posted on: October 2, 2024

Job Description:

Sr. Director, IT Security - Modesto/Dublin, CAThe Save Mart Companies operates 194 Save Mart, Lucky, and FoodMaxx stores in neighborhoods throughout California and Western Nevada. Proud to be California's largest regional, full-service grocery chain, the Company and its 13,000 Associates take extra care to provide customers with the freshest quality products at a great value.With deep roots in California's Central Valley, The Save Mart Companies and its family of stores prides itself in putting people first. Our dedication to customers and community is reflected in the connections we've made in the neighborhoods we've served for more than 70 years. The Save Mart Companies' philanthropic non-profit organization, The CARES Foundation, provides vital resources for children and families and has donated over $5 million to local communities.Some of our competitive benefits include exceptionally generous benefits package (Health, Dental, Vision, Life, 401K), Lifelong Learning Educational opportunities, Employee Association (discounted and free tuition options, contests, and support services).We are currently recruiting for the position of:Sr. Director, IT Security - Modesto/Dublin, CAThe Sr. Director of IT Security will be responsible for developing, implementing and monitoring a strategic, comprehensive enterprise cybersecurity and IT risk management program. The Sr. Director, IT Security will provide the vision and leadership necessary to manage the risk to the organization and will ensure business alignment, effective governance, system and product availability, integrity and confidentiality. Under their leadership, they will be accountable for the company's vulnerability protection, incident response, security operations center, data loss protection, and creating and implementing company security policies, controls, and procedures. They will establish, monitor, and track the company's security posture based on security control measurements.Key Responsibilities and Accountabilities:

• Responsible for the corporate security posture ensuring the protection of networks, systems, applications, data, and physical security.
• Lead development of the enterprise-wide security program ensuring it is strategically aligned to mitigate current and future security risks.
• Understand the threat landscape and adjust the program on a periodic basis to ensure it addresses the changing security environment.
• Establish a Security Operations function and provide leadership to security monitoring and incident response of cybersecurity events.
• Oversee the investigation of reported security breaches, determine what went wrong in a breach, and plan to avoid repeats of the same crisis.
• Advise and share metrics and analysis with business groups to optimize visibility of security risks and mitigation efforts.
• Manage the information security organization as part of the company security compliance office.
• Direct and approve the design of security systems.
• Create and implement security policies, controls, and procedures.
• Ensure the consistent application of security policies and standards across all technology projects, devices, systems, and services.
• Manage recurring verification of the vendor security risk profile.
• Ensure compliance with the changing laws and applicable regulations.
• Ensure IT, applications, network, and store infrastructure are designed with best security practices in mind.
• Deliver new security technology approaches and implement next-generation solutions for cloud security, identity and access management, email security, data loss prevention, vulnerability management, and threat intelligence.
• Develop and implement business continuity plans to ensure service is continuous.
• Work directly with the business units to facilitate risk assessment and risk management processes.
• Assist with documentation that supports attestations, RFPs, and risk assessment questionnaires specifically for technology vendors.
• Manage all teams, employees, contractors, and vendors involved in IT security.
• Provide training and mentoring to security team members.
• Lead the development and delivery of information security awareness training program.Hiring pay range: $191,212.00 - 239,015.00Requirements (Knowledge, Skills and Abilities):
• Proven experience leading an IT Security organization, a broad and detailed understanding of security-centric technology and Cisco tools, security risk management, threat landscape, and threat mitigation strategies.
• Experience with Cloud security, Infrastructure security, elastic computing across virtualized environments, and related Cybersecurity risk identification and management.
• Understands and actively seeks the use of metrics and critical thinking to guide messages and make decisions.
• Knowledge and experience in state and federal information security laws, including but not limited to HIPAA, NIST, PCI, CCPA, and all other applicable regulations.Experience: 12 Years Information security experience working in a corporate environment, 10 Years Management, supervisory and/or leadership experience.Education: 4 Year/Bachelors Degree and/or equivalent experience/training in a Computer Science, IT Security, Engineering, or Information Technology field.Licenses & Certifications: Certifications in security such as CISSP, CISA, and Cisco Certified Network Professional Security required.The Save Mart Companies is an Equal Opportunity Employer, and we welcome resumes from individuals who will contribute to our diverse workforce.
  #J-18808-Ljbffr

Keywords: Cornerstone OnDemand, Santa Cruz , Sr. Director, IT Security - Modesto/Dublin, CA, Executive , Dublin, California