The Children's Place Stores, Inc. -

MANAGER, IT SECURITY

2 months ago
Job ID
2017-28958
# Positions
1
SECAUCUS
New Jersey

Overview

The Manager, Information Security & Compliance will be responsible for maturing the company’s information security strategy based on key processes, practices, and standards necessary to manage the risks and security for The Children’s Place.  This position will ensure that security controls and considerations are consistent and remain relevant throughout the organization and meet regulatory requirements and industry best practices such as ISO, PCI and IT SOX.

Responsibilities

Key Accountabilities:

 

  • Establish a process to periodically update policies and procedures to ensure they accurately reflect business requirements and align to industry leading security practices such as ISO 27002, NIST Cyber Security Framework, etc
  • Function as a subject matter expert in several IT security domains (e.g. access control, cryptography, monitoring, etc.)
  • Lead configuration and administration of technical platforms and systems related to compliance (including application whitelisting, identity and access management, advanced malware protection, intrusion prevention, etc.)
  • Provide security expertise during various phases of technology projects to ensure security standards are met.
  • Enforce baselines and / or hardening standards across the organization.
  • Facilitate and support network and application penetration tests.
  • Provide oversight of the Enterprise Identity/Access Management and Privilege Access Management applications.
  • Investigate and analyze details of security incidents as part of an incident response team.
  • Partner with Application Development and Project Management teams in examining Secure Development Life Cycle (SDLC) practices such as insecure coding, insecure configuration, and process improvements.
  • Consult with IT to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, software, and applications.
  • Partner with the Application Development and Project Management teams to drive visibility and understanding on application security strategy and flaws.
  • Provide oversight and continuous enhancement of cyber security awareness program and improvement on risk management.
  • Manage third party risk management program in partnership with cross-functional teams

Qualifications

 

Education and Experience:

    • Bachelor’s degree
    • 7+ years of experience in information security
    • 2+ years of management experience
    • CISSP, CISA, or CISM a plus
    • Experience with implementing and managing Identity & Access Management, Privilege Access Management, DLP, GRC, and ERM tools
    • Experience with implementing security frameworks such as ISO, NIST, SANS Top 20, etc.
    • Experience with data classification, access control, and security models
    • Hands on experience with Security Event & Incident Management Tools
    • Understanding of various application security controls through the SDLC including Secure Design Review Source Code review, and Dynamic Scanning
    • Understanding of PCI and SOX compliance standards / requirements
    • Strong analytical and problem solving skills
    • Ability to work effectively will people at various levels throughout the organization
    • Must work well under pressure, grasp new ideas quickly, think outside the box, and be able to follow up in a dynamic environment
    • Strong multi-tasking skills in a fast paced environment
    • Strong team player
    • Work well independently with minimum supervision
    • Excellent verbal and written communication and interpersonal skills

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed