IT Manager Information Security
Charlotte, NC, United States
Ref#: 1085077
Date published: 11-May-2015
Share with: Facebook Twitter Viadeo Send to a friend
Position Summary:
Charlotte, N.C.-based Belk, Inc. (www.belk.com) is the nation’s largest family owned and operated department store with more than $4 billion in sales and 300 Belk stores located in 16 Southern states and a growing digital presence on belk.com. Founded on May 29, 1888 by William Henry Belk in Monroe, N.C., the company is in the third generation of Belk family leadership. Our mission is to satisfy the modern Southern lifestyle like no one else, so that customers get the fashion they desire and the value they deserve. Our vision is for the modern Southern woman to count on Belk first – for her, for her family, for life. Belk has been committed to community involvement since its inception and today gives 2.5 percent of its pretax income back to the communities it serves. During the past fiscal year the company and its associates, customers and vendors donated more than $20.9 million to those communities.
Essential Functions/Responsibilities:
The Manager Information Security is a key member of the Information Cybersecurity team, which provides information security and risk management support for all Belk businesses. This position leads and evolves the IT Risk and Security Architecture Program which includes security risk assessments, penetration testing, and application security review activities across the Belk enterprise. These activities will be conducted and performed to identify IT risk and vulnerabilities to the company to drive awareness, understanding, and remediation of potential exposures to the business.
This position will provide guidance and direction in leading the security team’s operational, tactical, and strategic planning to evolve and adapt the risk and security architecture management activities to align and support business objectives, minimize adverse threat impact, and foster productive partnerships across the organization. Serves as trusted advisor and security consultant to identify and communicate risk trends and considerations in support of remediation plans in collaboration with business partners across Belk.
The Manager manages the development, planning, execution, and reporting of risk assessments, penetration testing, security architecture strategic decisions, and application security assessment activities; establishes and maintains regular written and in-person communications with the organization’s executives, department heads, and end users regarding pertinent risk and vulnerability assessment activities.
Responsible for making decisions in such a way that risk is identified, communicated, and effectively mitigated; directs and manages project initiatives from beginning to end; define project scope, objectives and deliverables that support business goals in collaboration with senior management and stakeholders; effectively communicate pertinent risk information to management, business constituents, team members and appropriate audiences in a timely and clear fashion; liaison with business partners across the organization in an ongoing basis; build, develop, and grow any business relationships vital to the success of the project.
Challenges others to develop as leaders while serving as a role model and mentor; manages the development of team by ensuring, when possible, that project tasks are in line with career interests; inspires co-workers to attain goals and pursues excellence; identifies opportunities for improvement and makes constructive suggestions for change; manages the process of innovative change effectively; remains on the forefront of emerging industry practices; consistently acknowledges and appreciates each team member's contributions; effectively utilizes each team member to his/her fullest potential; motivates team to work together in the most efficient and synergistic manner.
The Manager manages the development, planning, execution, and reporting of risk assessments, penetration testing, security architecture strategic decisions, and application security assessment activities; establishes and maintains regular written and in-person communications with the organization’s executives, department heads, and end users regarding pertinent risk and vulnerability assessment activities.
Responsible for making decisions in such a way that risk is identified, communicated, and effectively mitigated; directs and manages project initiatives from beginning to end; define project scope, objectives and deliverables that support business goals in collaboration with senior management and stakeholders; effectively communicate pertinent risk information to management, business constituents, team members and appropriate audiences in a timely and clear fashion; liaison with business partners across the organization in an ongoing basis; build, develop, and grow any business relationships vital to the success of the project.
Challenges others to develop as leaders while serving as a role model and mentor; manages the development of team by ensuring, when possible, that project tasks are in line with career interests; inspires co-workers to attain goals and pursues excellence; identifies opportunities for improvement and makes constructive suggestions for change; manages the process of innovative change effectively; remains on the forefront of emerging industry practices; consistently acknowledges and appreciates each team member's contributions; effectively utilizes each team member to his/her fullest potential; motivates team to work together in the most efficient and synergistic manner.
Requirements/Qualifications:
Preferred Qualifications:
• Familiarity with key technologies used for core infrastructure within the Retail industry.
• Information security certifications such as CISSP, CISM, or GIAC.
• Consensus builder with ability to defuse tension in stressful situations.
• Service centric focus when performing daily tasks with emphasis on consultative and collaborative solution building.
• Articulate and persuasive leader who can serve as an effective member of the management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff.
• Strong project management office experience with understanding of Agile methodology.
• 3+ years of direct managerial experience with building Risk and Security Architecture programs.
• 10+ years overall experience in Cybersecurity.
• Demonstrated knowledge of information security principles, standards, practices and subject areas.
• Excellent written, oral, and presentation skills.
• Excellent interpersonal skills.
• Ability to conduct and direct research into IT security issues, trends, and solutions as required.
• Ability to present ideas in business-relevant and user-friendly language.
• Proven analytical, evaluative, and problem-solving abilities
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Strong understanding of key security frameworks (NIST 800-37, SANS CSCs, PTES, etc.).
• Strong understanding of PCI, HIPAA, SOX, and other governmental and industry requirements.
• Experienced with ISO and ITIL.
• Track record of partnering with other teams in different departments to build relationships that further Penetration Testing and Security.
• 2+ years network/system architect/engineering experience
• 10+ years overall experience in Cybersecurity.
• Demonstrated knowledge of information security principles, standards, practices and subject areas.
• Excellent written, oral, and presentation skills.
• Excellent interpersonal skills.
• Ability to conduct and direct research into IT security issues, trends, and solutions as required.
• Ability to present ideas in business-relevant and user-friendly language.
• Proven analytical, evaluative, and problem-solving abilities
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Strong understanding of key security frameworks (NIST 800-37, SANS CSCs, PTES, etc.).
• Strong understanding of PCI, HIPAA, SOX, and other governmental and industry requirements.
• Experienced with ISO and ITIL.
• Track record of partnering with other teams in different departments to build relationships that further Penetration Testing and Security.
• 2+ years network/system architect/engineering experience
Preferred Qualifications:
• Familiarity with key technologies used for core infrastructure within the Retail industry.
• Information security certifications such as CISSP, CISM, or GIAC.
• Consensus builder with ability to defuse tension in stressful situations.
• Service centric focus when performing daily tasks with emphasis on consultative and collaborative solution building.
• Articulate and persuasive leader who can serve as an effective member of the management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff.
• Strong project management office experience with understanding of Agile methodology.
Education and Experience:
Bachelor's degree (B. A.) from four-year college or university; or equivalent training, education and experience.
Bachelor's degree (B. A.) from four-year college or university; or equivalent training, education and experience.
