Reference #: 5000979227406

Summary: Reporting to the CIO, the CISO will provide leadership, direction, and operational oversight of all information security, IT compliance, governance, and data privacy initiatives within the organization to ensure the confidentiality, integrity, and availability of company, employee, and customer information. The CISO consults and partners with leadership and their teams to implement, enforce, and verify compliance with security standards and policies.

Primary Responsibilities:
* Establish and manage solutions for information security and identity management, including security prevention, detection, and response.
* Champion the information security program, foster a security-aware culture through awareness, and promote security educational programs. Ensure cybersecurity is embedded in business and functional processes.
* Chair quarterly steering committee meetings with senior leadership to inform leadership of high-level risks, align on risk tolerance, and provide updates on changes in overall cybersecurity threats and regulatory changes.
* Serve as internal security expert to the organization. Continually monitor and adapt to advancements in cybersecurity technologies and emerging threats and risks.
* Partner with business, infrastructure, and applications teams to ensure that technologies and solutions are developed and maintained according to security policies and regulatory requirements. Identify and leverage synergistic opportunities to improve security posture in conjunction with business initiatives.
* Advocate for, plan, implement, manage, maintain, and review security hardware and software, and ensure IT and network infrastructure is designed according to information security best practices. Also provide oversight of infrastructure and network operations.
* Monitor the effectiveness of information security programs and solutions through maturity assessments against industry frameworks and independent assessments such as penetration testing.
* Guide and influence technology investments within the context of risk reduction, budget, operational effectiveness, and organizational alignment with business and IT strategic plans.
* Coordinate and lead security incident response. Periodically review and update incident response plans to ensure they are effective and relevant parties are engaged in order to minimize the risk of data loss or breaches.
* Hands-on knowledge of the NIST framework.
* Provide organizational tactical and status reports on ongoing improvements to the overall IS program, risk assessments, tests, and security control changes to the enterprise.
* Ensure effective and efficient compliance with SOX IT General Controls in partnership with internal and external audit partners.
* Manage PCI-DSS compliance and compliance processes, and partner with retail and finance teams to identify solutions and roadmaps necessary to transition to PCI 4.0.
* Partner with business and legal teams to ensure compliance with evolving employee and consumer data privacy regulations. Monitor and adjust to evolving regulations.
* Align with business, IT, and legal teams to identify and address potential risk areas in security, compliance, and privacy, and proactively drive any needed activities to achieve desired outcomes.

Requirements:
* Preferred 15 years of experience with information security program and solution development, deployment, and operations, including experience at a senior leadership level.
* Ability to communicate complex technical challenges in a non-technical and simplified manner to a business audience.
* Strong knowledge of cybersecurity principles, technologies, and best practices.
* Familiarity with industry regulations and compliance requirements, including data privacy.
* Skilled at vendor and supplier management, forecasting, and budgeting.
* Deep understanding of network security, cloud security, data protection, and identity and access management.
* Strong leadership and communication skills, with the ability to collaborate effectively with cross-functional teams.
* Excellent problem-solving and decision-making abilities.
* Previous experience with networking and infrastructure a plus.
* Knowledge of Linux/Unix and experience with SD-WAN is helpful.
* Certifications such as CISSP or CISM are preferred.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled