Sr. Director, Cyber Security

Foot Locker•Irving, TX

56d•$180,000 - $230,000

About The Position

Foot Locker is seeking a highly experienced and strategic Senior Director of Cyber Security leader to spearhead our global cyber security risk efforts. Reporting to the CISO, you will play a pivotal role in safeguarding our global platform, ensuring the security and privacy of our customers' data, and maintaining the trust of our clients. As the Senior Director of Cyber Security, you will oversee Identity and Access Management, Cyber Engineering, and Cyber Architecture, including setting the global strategic risk direction, maturing, and building out the people and processes. Strong knowledge and experience in other Cyber capabilities such as Operations, Vulnerability & Threat Management, Application Security, and Governance is a must.

Requirements

Bachelor's degree in computer science, Information Security, or a related field (master's degree preferred).
8+ years of experience in leading cybersecurity and cyber risk initiatives.
5+ years building and managing IDM, Cyber Engineering, and Architecture teams.
Security certifications such as CISSP, CISM, or equivalent are a plus.
Experience and knowledge in cyber tools such as in Secure Access Service Edge (SASE), Cyber Threat Management (e.g., Nessus, Veracode), Security and Data Analytics (e.g., Splunk Cloud), Security Automation and Orchestration (e.g., Splunk SOAR), and Identity and Access Management (e.g., ForgeRock, Saviynt, CyberArk).
Expertise in operating, configuring, and deploying security capabilities across the enterprise.
In-depth understanding of industry standards, frameworks, and regulations related to cybersecurity (e.g., NIST, ISO, GDPR, MITRE, Cloud Security Alliance).

Responsibilities

Oversee Identity & Access Management, Cyber Engineering, and Cyber Architecture teams.
Develop and execute a comprehensive cyber risk management strategy, providing a holistic view of our enterprise's risk posture to align with Foot Locker's overall security objectives.
Identify key risk indicators (KRIs) for the cyber risk management strategy, to continually monitor our cyber program's risk posture and health.
Assess and prioritize cyber risks, setting risk tolerance levels and devising mitigation strategies, including those reported by external scoring services.
Define and maintain policies, standards, and procedures for cyber risk management related to areas of responsibility.
Conduct regular risk assessments and audits, identifying gaps and recommending appropriate risk mitigation measures, especially in the IDM space.
Stay informed about emerging cyber threats, industry trends, and regulatory changes.
Coordinate with internal teams to ensure effective implementation of cybersecurity controls.
Ensure compliance with applicable laws, regulations, and alignment with industry standards (e.g., GDPR, ISO 27001, NIST, etc.).
Collaborate with external partners, vendors, and industry experts to enhance our cyber risk management capabilities.
Cultivate a culture of cybersecurity awareness and champion best practices throughout the organization.
Present enterprise risk assessment data and recommendations to executive leadership committees.