IT Security Manager

About The Position

Requirements

• Proven ability to lead, motivate, guide, and develop a high-performing team of technical security professionals.
• Excellent verbal, written, and interpersonal communication skills.
• Must have the ability to build strong relationships at all levels, across all business units, and explain the business impact of complex security topics to non-technical stakeholders.
• Knowledge of GRC frameworks (e.g. NIST Cyber Security Framework) and familiarity with regulatory requirements such as Sarbanes-Oxley (SOX) and PCI-DSS.
• Experience with vulnerability scanning, penetration testing, operating system internals, network protocols, security operations, incident response methodologies, and cryptography.
• Must be a critical thinker with strong problem-solving skills.
• Possess the poise and ability to act calmly and competently in high-pressure, high-stress situations (e.g., during a major security incident).
• Bachelor's Degree in Information Technology or related field required
• Eight years previous information technology experience with two years previous supervisory experience strongly preferred

Nice To Haves

• Familiarity with Security Information and Event Management (SIEM) tools preferred
• Strong understanding of the business impact of security tools, technologies, and policies preferred

Responsibilities

• Manage the enterprise-wide Government, Risk, and Compliance (GRC) strategy.
• Direct the creation, review, and maintenance of all information security policies, standards, and procedures to align with business goals and regulatory requirements.
• Oversee the complete information security risk lifecycle, including the identification, assessment, tracking, and remediation of risks.
• Manage the third-party (vendor) risk program.
• Oversee vulnerability management program to ensure proper patch management of systems.
• Act as the primary point of contact for all internal and external information security audits.
• Manage and coordinate compliance activities, ensuring adherence to laws and frameworks like SOX, PCI-DSS, and various privacy regulations.
• Oversee the development and implementation of the company-wide security awareness and training program.
• Oversee the technical security infrastructure for systems, networks, databases, and cloud services.
• Define and own the security technology roadmap, analyzing tradeoffs between usability, security, and performance.
• Lead, recruit, train, and mentor the information security team.
• Manage the team's tactical workload and project priorities, collaborating with other IT leaders to resolve resource constraints.
• Collaborate closely with IT, Legal, and business unit leaders to build strong relationships and ensure security is a business enabler.
• Regularly report on risk, incidents, and program maturity to executive leadership.
• Research and analyze current cybersecurity trends, threats, and breaches to provide guidance on best practices and proactively update internal plans and security postures.
• Engage in GFS’ SAFe agile planning activities to successfully execute both security driven projects and to work with IT partners to resolve vulnerabilities within the technology solutions they own.
• Partner with our Security Operations team to ensure we are focused on the most important threats to be addressed.
• When necessary, assist with the investigation, reporting, and resolution of security incidents, ensuring a timely and effective response to mitigate risk.

Benefits

• Gordon Food Service values our customers and understands that their success is largely dependent upon their workforce.
• To demonstrate our commitment to our partnership, we will require any candidate who works for a Gordon Food Service customer to provide a letter of support from their management if they are selected for the interview process.
• Equal Employment Opportunity is a matter of policy at Gordon Food Service, Inc. and we are committed to a work environment in which all individuals are treated with respect and dignity.
• All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a protected veteran, or status as a qualified individual with disability.
• If you require reasonable accommodation for any part of the application or hiring process due to a disability, please submit your request to [email protected] and use the words “Accommodation Request” in your subject line.
• All Gordon Food Service locations are tobacco-free.
• Gordon Food Service is a drug-free workplace and conducts pre-employment drug tests.
• For more than 125 years, Gordon Food Service has delivered uncompromised quality and heartfelt service.
• From a butter-and-egg delivery service, it has grown into the largest family-operated foodservice business in North America.
• Today, the company serves customers from restaurants, to healthcare and education, across the U.S. and Canada through its distribution network and more than 180 retail stores.