Director, Information Security

Domino's•Ann Arbor, MI

4h•$200 - $230•Onsite

About The Position

Domino’s Pizza, which began in 1960 as a single store location in Ypsilanti, MI, has had a lot to celebrate lately: we’re a reshaped, reenergized brand of honesty, transparency and accountability – not to mention, great food! In the rise to becoming a true technology leader, the brand is now consistently one of the top five companies in online transactions and 65% of our sales in the U.S. are taken through digital channels. The brand continues to ‘deliver the dream’ to local business owners, 90% of which started as delivery drivers and pizza makers in our stores. That’s just the tip of the iceberg…or as we might say, one “slice” of the pie! If this sounds like a brand you’d like to be a part of, consider joining our team! Location: Ann Arbor, MI- Relocation required for candidates not local to the area Salary: 200-230k base plus bonus & equity This role is part of the Senior Domino’s Cybersecurity Leadership team, all functions within the Information Security organization, the broader Domino’s Technology department, and various business units such as Legal, Internal Audit, and Communications. The position must have strong communication and presentation skills and be adept with establishing and maintaining positive working relationships with peers and Senior Business leaders. Candidates in this role will manage, provide an oversight of all responsibilities performed by different Information Security programs, and implement maturity assessment and incident response protocols. Candidates will coach personnel and verify that they follow Information Security policies and strategy to ensure all components of the program are functioning optimally. The Leader must establish and maintain metrics that help provide a high level of productivity, supportability, and operational readiness while also participating in project planning and program management activities such as governance, risk, compliance, security operations, security engineering, incident management, change management, and other areas assigned. Must have a general knowledge with regulatory and privacy laws. This role will partner and engage with Information Security teams and business partners to design, manage, support, and implement secure solutions and provide enterprise-level security design consultation, and business perspective and strategic security. The role will foster a team culture of continuous improvement, mentoring and learning, data-driven decisions, and accountability for delivery of key metrics and deliverables. Establish, perform, and lead threat assessment modeling, secure design review, risk assessment, and enterprise-wide security posture. This role will function as a Business Information Security (e.g. BISO) partner, aligned with the Domino’s Technology and Operations Technology organizations to ensure understanding and alignment in reducing operational threats.

Requirements

Bachelor’s or degree in Computer Science, Information Technology, Engineering, Business Administration, or equivalent experience.
10+ years of Information Technology experience with focus on Information Security.
The candidate should have exceptional troubleshooting, sense of urgency, attention to detail, time management, and problem-solving skills.
Experience in establishing cybersecurity and risk metrics for reporting.
Strong Emotional Intelligence with demonstrated sustained leadership in a large organization involving multiple stakeholders.
Demonstrated management skills, e.g., project management, budget development and administration, policy development and implementation, team training and development.
Demonstrated ability to work with diverse people.
Effective oral and written communication skills.

Nice To Haves

Security certifications are desired but not required.

Responsibilities

Lead Program Maturity (25%)
Supports the delivery and daily operations of information security and associated strategy to complement business objectives.
Ensure that security improvement actions are developed, evaluated, validated, and implemented as required.
Perform needs analysis to determine opportunities for new and improved business process solutions.
Evaluate the effectiveness of procurement function in addressing information security requirements through procurement activities and recommend improvements.
Gather feedback on customer satisfaction and internal service performance to foster continual improvement.
Analyze internal operational architecture, tools, and procedures for ways to improve performance.
Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements, and operations.
Design, create, and develop documents that map workflows, roles, and technical tasks required to define a workstream, governance models, and/or responsibility matrices to drive organizational focus, alignment, and understanding.
Lead complex Information Security projects, transformations, and transition efforts with large teams and complex security challenges.
Uses customer insights to drive and guide the development of new offerings.
Manage and increase the effectiveness and efficiency of the Information Security program, through improvements to each function, as well as coordination and communication between support and business functions.
Create executive and detailed reporting to provide an assessment with recommendations on how to improve security operations capabilities.
Team Leadership (20%)
The Director is expected to possess the relevant competencies specified in the Domino’s Leadership Competencies page (highly skilled “Leader of Self” and Skilled “Leader of Others”).
Establishes common objectives and a shared mindset; fosters open dialogue and collaboration among the team.
Play a leadership role in long-term Information Security strategy and planning, including initiatives geared toward operational excellence.
Develop next generation leaders thru mentoring, coaching and succession planning.
Responsible for career development/planning, performance and pay discussions of team members.
Ensure the team’s morale and engagement levels are high.
Provide mentorship to Information Security team members on security strategy, tactics, techniques, and procedures.
Ensure team meets established performance metrics.
Provide leadership and direction to Domino’s technology (DT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.
Lead Day-to-Day Information Security functions (40%)
Review and approval of substantive security control changes to ensure Domino’s is appropriately positioned to protect the brand.
Create executive and detailed reporting to provide an assessment with recommendations on how to improve security operations capabilities.
Design and create Information Security processes (e.g., vulnerability management, incident response, event monitoring, etc.).
Ensure the seamless delivery of all security services and functions proposed in the portfolio.
Review security-related events and assess their risk and validity based on available network, endpoint, and global threat intelligence information to provide stakeholders with concise, detailed, and well-written incident reports, root causes identification, and remediation recommendations.
Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches.
Work with Domino’s Incident Response teams to resolve ongoing intrusions, malware outbreaks, and other security incidents.
Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
Develop Disaster Recovery and Continuity of Operations plans for systems under development and ensure testing prior to systems entering a production environment.
Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
Ensure the execution of disaster recovery and continuity of operations.
Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, network edge, supporting infrastructure, and applications).
Develop designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations).
Contribute to crisis action planning for cyber operations.
Develop strategy and processes for partner planning, operations, and capability development.
Ensure operational planning efforts are effectively transitioned to current operations.
Incorporate cyber operations and communications security support plans into organization objectives.
Provide subject matter expertise to planning efforts with internal and external cyber operations partners.
Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations.
Lead Day-to-Day Information Security budget (15%)
Lead and oversee information security budget, staffing, and contracting.
Monitor the implementation of strategic business plans.
Manage the capital request and budgeting processes.