Director, Information Security

White Cap•Doraville, GA

About The Position

A position at White Cap isn’t your ordinary job. You’ll work in an exciting and diverse environment, meet interesting people, and have a variety of career opportunities. The White Cap family is committed to Building Trust on Every Job. We do this by being deeply knowledgeable, fully capable, and always dependable, and our associates are the driving force behind this commitment. Job Summary Responsible for leading the development and execution of White Cap’s information security strategy. Ensure the protection of systems, data, and networks from cyber threats while maintaining compliance with regulatory, contractual, and industry standards. Collaborate with IT, senior leadership, and external stakeholders to manage security risk, govern security practices, and oversee incident response, monitoring, and security operations.

Requirements

Typically requires BS/BA in a related discipline.
Generally 9+ years of experience in a related field, including several years in a management/supervisory capacity.

Nice To Haves

Deep understanding of information security principles, practices, and technologies.
Deep knowledge of, and implementation experience with GRC functions, including SOX Compliance, PCI DSS, IT Audits, Cyber Risk Management.
Deep knowledge of, and implementation experience with security frameworks such as NIST (CSF, SP 800-53, etc.), ISO/IEC 27001, PCI DSS.
Strong leadership skills with the ability to inspire and lead a high-performing information security teams, including MSSPs.
Experience in managing and influencing cross-functional teams and working collaboratively with senior executives.
Ability to develop and execute long-term information security strategies aligned with business objectives.
Excellent problem-solving skills with a proactive approach to addressing security challenges.
Bachelor's in information security, computer science, IT, or related field (Master’s/MBA preferred).
CISSP, CRISC or CISM preferred.
Proven experience leading and delivering information security programs and projects.

Responsibilities

Develops and executes an enterprise information security strategy aligned with business objectives.
Identifies emerging threats and leads strategic security enhancements.
Conducts and oversees risk assessments (third‑party, vulnerability, penetration testing, application).
Implements risk mitigation plans and maintains security policies, standards, and procedures.
Ensures compliance with industry frameworks and regulatory requirements.
Oversees security monitoring, detection, and automated response capabilities.
Manages core security technologies (firewalls, IDS/IPS, endpoint protection, etc.).
Leads incident response and recovery planning, testing, and execution.
Drives enterprise-wide security awareness and training programs.
Manages vendor relationships, contracts, and security solution procurement.
Leads, mentors, and develops the information security team.
Manages the information security budget and optimizes resource allocation.