"Alerted.org

Position Overview

As a Director, IS Security you will be responsible for successfully implementing and maintaining security operations and security compliance policies, procedures and audit programs. This role is responsible for implementing and maintaining the installations of all security related applications, processes, and procedures and, communicating company policies related to information security. The Director will manage a team of offshore & onshore security workers to maintain a comprehensive information security program. The program will include the appropriate physical, technical, and administrative safeguards sufficient to protect C&S systems and C&S data (both on-premise and cloud) from unauthorized or unlawful destruction, loss, alteration, disclosure or access. The Director will need to work across infrastructure, business, and application teams to ensure the appropriate system, network, and application controls are in place and routinely monitored. The Director will also need to ensure that all team members are properly trained to support the security needs of C&S. Additionally, this role is also responsible for managing Oracle EBS Security for IT EBS Security Systems, supporting the design and implementation of all Oracle EBS Security and GRC systems, Oracle OCI security, Google Cloud Platform security, and network and system security

Job Description

Description

+ Manage onshore and offshore security team including delegating work assignments, performance reviews, and staff development.

+ Manage installations of security related applications, processes, procedures and equipment. Manage an Information Security program with the appropriate physical, technical, and administrative safeguards based on the NIST Cybersecurity Framework (CSF), NIST SP:800-53, ISO 27001 or a similar standard for all systems managed by the C&S Information Services department.

+ Manage the security of C&S endpoints, including ensuring compliance with all C&S security controls and actively deploying routine upgrades and patches.

+ Plan and develop security initiatives to increase security awareness and reduce risk. Partners with operational business functions to enable insight and understanding of security policies, initiatives and the audit program; functioning as a liaison among stakeholders to elicit, analyze, communicate and validate requirements for risk assurance, business controls, security and compliance.

+ Manage relationships with security software vendors and managed services providers. Negotiate contracts, evaluate vendor performance, and ensure all contracts and periodically reviewed and accurately documented within the IT asset database.

+ Develop and maintain GRC and other Security Systems and provide a high level of service to internal and external auditors. Ensure compliance with company security policies and directives. Provide recommendations to improve best practices.

+ Work with other process teams, business analysts, and business process owners within Internal Audit, and Accounting/Finance to ensure alignment.

+ Work closely with the business to implement projects, including the development of plans, management of resources and deliverables in the Security applications portfolio. Work with the business to ensure 3rd parties, SaaS and IaaS providers implement similar controls when handling or hosting C&S systems and data.

+ Travel Required:Yes

Environment

+ Office : Office Temperature (65F to 75F)

Skills

+ Specialized Knowledge : Experience, Industry recognized certification preferred, experience managing a team of onshore and offshore resources

+ Special Skills : Ability to collaborate across multiple departments ○ Strong leadership skills ○ In depth knowledge of Security Operations controls ○ In depth knowledge of Governance, Risk, and Compliance

+ Physical abilities: :

+ Other: :

Years Of Experience

+ 10-15 : hands-on experience in Information security management.

+ 5-7 : Project Management

Qualifications

Bachelor's Degree - Information Security, Certified Information Security Manager (CISM) - Other, Certified Information Systems Security Professional (CISSP) - Other

Shift

Company

C&S Wholesale Grocers, LLC

About Our Company

C&S Wholesale Grocers, LLC is an industry leader in supply chain solutions and wholesale grocery supply in the United States. Founded in 1918 as a supplier to independent grocery stores, C&S now services customers of all sizes, supplying more than 7,500 independent supermarkets, chain stores, military bases and institutions with over 100,000 different products. C&S also proudly operates and supports corporate grocery stores and services independent franchisees under a chain-style model throughout the Midwest, South and Northeast. We are an engaged corporate citizen, supporting causes that positively impact our communities.

Working Safely is a Condition of Employment at C&S Wholesale Grocers, LLC. C&S Wholesale Grocers is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. The Company provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.

Company: C&S Wholesale Grocers, LLC

Job Area: IT - Technology

Job Family: Information Technology

Job Type: Regular

Job Code: JC2171

ReqID: R-262984