Director, Information and Cybersecurity (Remote)

About The Position

Requirements

• Level of Formal Education: Bachelors degree or equivalent experience
• Area of Study: Computer Science, Information Management, or Engineering
• Years of Experience: Minimum 10 years’ experience in related field plus 7 years in a supervisory role
• Type of Experience: Knowledge of industry practices and technical systems, and an understanding of the potential use of technology solutions in a business environment
• Professional designation/certification Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is required
• Language Skills: English
• Experience with internationally recognized information security management best practices, such as International Standards Organization (ISO) 2700x and NIST Cybersecurity Framework (CSF)
• Experience with applicable legal and regulatory requirements, including, but not limited to, the Sarbanes-Oxley Act (SOX), California Consumer Privacy Act (CCPA), and Payment Card Industry Data Security Standard (PCI DSS)
• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
• Knowledge of and experience with cloud architecture deployments across key security domains, including, but not limited to, Data Security, Network Security and Identity & Access Management
• Familiarity with the principles of cryptography and cryptanalysis
• Familiarity with agile development methodologies
• An understanding of operating system internals and network protocols
• Strong negotiation and ability to coach and guide associates toward new levels of contribution
• Proven ability to work and interact closely with senior management levels to determine their business needs and obtain support for initiatives
• Strong leadership and organizational experience
• Strong technology skills with the ability to synthesize relevant information and make key decisions
• Strong analytical skills to relate security requirements to appropriate security controls
• Strong project management skills and experience in creating and managing project plans, including budgeting and resource allocation
• Excellent communication abilities and relationship building skills

Nice To Haves

• Security leadership experience in retail industry a plus
• Familiarity with Clarity, Jira, Oracle HCM, SailPoint, GLPI and SmartSheets is a plus
• A dedicated and self-driven desire to think creatively and produce results
• Strong ownership over their responsible area
• Well-developed bias for action, moves quickly to take action and has the appropriate level of urgency
• Written, verbal, and presentation skills with the ability to effectively interact with internal and external business partners
• Ability to think strategically 
• Ability to present at the executive level
• Understanding of complex automated systems
• Personal experience in leading the successful design and delivery of at least 2 enterprise-wide security tool deployments

Responsibilities

• Lead the development, maintenance, communication and adoption of Information Security roadmaps and blueprints for Office Depot and affiliates.
• Develop and maintain Information Security governance, policies, standards, guidelines and procedures across all business units.
• Identify and present risk management issues to the CTO and IT Leadership team and support the security incident response process.
• Collaborate with IT, Legal, Audit, Compliance and other teams to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
• Consult with IT, security staff and stakeholders to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
• Lead cross-functional security teams to implement and maintain a global security program to protect, detect and respond to security threats.
• Cultivate a security risk-aware environment where decision makers and staff understand and care about information security and consider security implications in their decision making.
• Develop and maintain supplier and consulting relationships and service contracts.
• Monitor compliance with information security policies and procedures, referring issues to the appropriate management and executives.
• Explore, evaluate and recommend the use of strategic, cost-optimized security solutions that improve resiliency and/or functionality of the enterprise.

Benefits

• The company offers competitive salaries, a benefits package, which includes a 401(k) and more, along with plenty of opportunity to move and grow within our organization!