Sr Director Info Security

At the Store Support Center, we’re in the business of serving those who serve our guests. Reporting directly to the CIO, this role is responsible for providing leadership and strategic vision across diverse teams that support global enterprise security initiatives. Directs the overall planning and execution of enterprise security systems, using operational and tactical expertise to direct security management reports, who oversee analysts, engineers, architects, and project managers. Ensures business decisions are not hampered by security, but adhere to corporate security policies and are implemented with security in mind. Champions a flexible, highly adaptable and secure operating business environment. Operates a strong Security Operations function and ensures that any impact caused by a Cybersecurity threat is minimized. Directs and provides a strategic risk management vision that scales across all brands to effectively secure the business without slowing company innovation and execution. Drives a strong security culture within the security department, but also organization-wide across management and employees. Implements, maintains, and oversees 24x7x365 monitoring and response for Cracker Barrel systems to detect and prevent cyber incidents. Facilitates security governance across the business in conjunction with an information security steering committee and advisory board. Is accountable for thorough enterprise policies, security technology architecture, protecting against emerging threats, and active monitoring and response objectives. Frequently interacts with business units to understand their plans, risk posture and tolerance, and how information security can securely enable them to execute their vision and business obligations. Motivates employees to maximize rigorous system security controls and focuses on implementing the basics, reducing complexity and establishing a security maturity model that is tracked and adaptable to necessary changes. Reports regularly to senior management and boards, keeping them abreast of the threat landscape and the tactical controls and strategic plans to achieve success. Serves as the HIPAA Security Officer. Actively recruits and leads by example to create a culture where employees want to work. Leads with humility and is respectful to all. Facilitates third-party audit reviews of internal departments and reports results to management and security oversight committees. Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organization. Defines key performance indicators (KPIs) and metrics that align with business initiatives and delivers them to in an effective manner. Establish and execute an annual cybersecurity tabletop exercise. Enhance employee education through monthly Ninjio training and quarterly phishing exercises. Presents security update to the Audit Committee quarterly and to the full Board of Directors Annually.