Director, Information Security

Centric BrandsGreensboro, NC
Hybrid

About The Position

Centric Brands is a leading lifestyle brand collective that designs, sources, markets and sells high quality products in multiple segments, including women’s, men’s and kid’s apparel, accessories, entertainment and beauty. Centric Brands is focused on our customers and our brands that will drive the company’s future growth. We are defined by innovation as we seize new opportunities and thrive in an environment informed by creativity and thinking that is both analytical and outside the box. Centric Brands reflects a team built on respect, for others and for the hard work it takes to achieve our goals and build our bright future together.

Requirements

  • Bachelor’s degree in Information Systems, Computer Science, or related field required.
  • CISSP, CISM, or equivalent security certification strongly preferred.
  • Minimum of 10 years’ experience in information security, including 5+ years leading security teams or programs.
  • Experience presenting security posture, risk, and program metrics to executive leadership.
  • Experience leading global security programs; retail, consumer goods, or manufacturing industry experience a plus.
  • Excellent communication skills - both written and verbal.
  • Exceptional, hands-on leader with a style that is engaging, innovative, and collaborative.
  • Ability to be flexible, work under pressure and tight deadlines.
  • Ability to travel as needed; once per quarter.
  • Ability and availability to work occasional nights and weekends.
  • Experience with Fortinet/FortiGate/Forticlient, Crowdstrike MDR/EDR, BitLocker, File Vault, MS Defender, and Azure Security services is a plus.

Nice To Haves

  • CISSP, CISM, or equivalent security certification strongly preferred.
  • retail, consumer goods, or manufacturing industry experience a plus.
  • Experience with Fortinet/FortiGate/Forticlient, Crowdstrike MDR/EDR, BitLocker, File Vault, MS Defender, and Azure Security services is a plus.

Responsibilities

  • Provide strategic leadership for, and develop, implement, and operate, a company-wide information security program.
  • Advise senior leadership on security program direction and resource investment.
  • Develop and manage the information security budget, aligning investments with risk priorities.
  • Report regularly to executive leadership on security posture, risk reduction, incident readiness, and program maturity against defined KPIs.
  • Manage and facilitate global information security governance processes.
  • Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
  • Stay abreast of information security issues and regulatory changes affecting consumer goods, retail and trade at the state, national and global levels, participate in policy and practice discussions, and communicate to leadership on a regular basis about those topics.
  • Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
  • Mentor/Coach the Information Security Office team members and implement professional development plans for team members. Communicate clear goals and objectives.
  • Partner with infrastructure, network, cloud, application, and end-user computing teams to implement and maintain enterprise security standards and controls.
  • Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
  • Coordinate and track all information technology and security related audits including scope of audits, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the company in its best light.
  • Provide guidance, evaluation and advocacy on audit responses.
  • Work with leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the company to effectively address global statutory and regulatory requirements.
  • Develop a strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI, CCPA, and GDPR.
  • Support Legal Discovery requests when required.
  • Work closely with IT leaders, technical experts and various leaders on a wide variety of security issues that require an in-depth understanding of the IT environment in their units.
  • Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities.
  • Pursue employee-focused security initiatives addressing phishing, social engineering, and identity protection.
  • Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidents that arise.
  • Own and maintain the company’s incident response plan, including playbooks and regular tabletop exercises with business stakeholders.
  • Convene Ad Hoc Security Committee as appropriate and provide leadership for breach response and notification actions for the company.
  • Partner with IT and business leaders to develop and test business continuity, disaster recovery, and cyber resilience plans.
  • Establish and oversee a third-party risk management program, including security assessments of vendors, licensing partners, and key service providers.
  • Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
  • Support cyber insurance renewals, security questionnaires, and claims coordination.
  • Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
  • Establish and oversee a vulnerability management program, including scanning, penetration testing, and remediation tracking.
  • Oversee day-to-day security operations, including MDR/SOC partner management, security monitoring and detection, threat intelligence, and endpoint and email security.
  • Set direction for cloud security posture and zero-trust architecture in partnership with infrastructure and application teams.
  • Establish governance for identity and access management, including privileged access controls and periodic access reviews.
  • Examine impacts of new technologies on the company’s overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
  • Establish governance, risk management, and security standards for artificial intelligence (AI), generative AI, machine learning, and automation technologies. Partner with business and technology leaders to enable responsible and secure adoption of AI solutions across the enterprise.

Benefits

  • medical
  • dental
  • vision
  • matching 401(k)
  • Summer Fridays
  • generous PTO
  • merchandise discounts
  • excellent career development opportunities
  • work environment that reflects our industry leadership
  • Centric Cares social impact program
  • D&I committee initiatives
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service