Director, Management Information Systems Security - The Jones Group

The Jones Group is currently seeking a Director, Management Information Systems Security. This position is responsible for development, implementation and management of computer and information security for the entire Jones Group enterprise. Responsibilities include leading the response to security incidents and serving as the primary contact point for information security matters that require coordination within the MIS and business organizations.
 
This position will coordinate computer information security activities and provide specialized security consulting that is related to information security and business continuity. Also, coordinate the development and implementation of high-level security policies, practices, standards and programs and works collaboratively with the other MIS areas, compliance, and the business.  Responsibilities also include proactively leading risk assessment, research, evaluations, and implementation of procedural and technical security measures that can be applied to the corporation for network, applications, and computing systems to protect the company's information assets.
 
Other responsibilities include: timely dissemination of security information; post-mortem and forensic analysis of incidents, as appropriate. Partnering and collaborating on audit activities with the MIS Compliance and Internal Audit areas for all SOX, PCI, and other critical audits.  Technologies that are supported in the area include firewall, intrusion detection, HIDS, and SAP security and account management.  Works to ensure that all projects assigned to the department are completed on-time and within budget.
 
 
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
 
Manages and provides technical support and direction to the security staff to achieve department and company goals on a daily basis.  This includes technologies to support firewalls, intrusion detection, HIDS, SAP, and others.
Manages the development and implementation of the global security policy standards, guidelines, and procedures to ensure ongoing maintenance of security.  Protection responsibilities will include information asset protection, access control systems and more.  Information protection responsibilities will include network security architecture, network access and monitoring policies, employee education and awareness, and more.
Oversees incident response planning as well as conduct investigations of security breaches, to include forensic investigations, and assist with disciplinary and legal matters associated with such breaches as necessary.
Manages and collaboratively works with other MIS areas regarding security initiatives or audits.  Works collaboratively with the Senior Director of Systems and Network Services in assessing and recommending security technologies and architectures.
Budget: Effectively develops and manages the budget requirements for the security area.
Staffing: Manages the proper staffing levels within the security area by selectively hiring the proper candidates to join the group as needed. Prioritizes and assigns work to subordinate staff. Measures employees' results and initiates career development, coaching, mentoring, and performance plans as needed.
Provides technical support to security staff for problem determination and resolution of production related incidents.
Plans and implements the delivery and improvement of service, staffing and resources.
Evaluates the effectiveness of services provided and recommends changes in procedures to meet user's needs.
May perform any of the following: participate in development of planning activities, review and analyze data to predict future needs and recommend enhancements to the security areas; plan work of others to meet project deadlines; set priorities based on user needs.
Responsible for strict adherence to the companies PCI and Sarbanes Oxley compliance and testing requirements.  Works collaboratively with the MIS Compliance and Internal Audit teams to ensure satisfactory audits of the security area and critical controls are in place and monitored to ensure company risk is mitigated.
Qualifications

 
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
B.S. in computer science or related  field preferred
Security certifications in CISSP, SSCP, and CIW preferred
10+ yrs of professional experience, with a minimum of 5 of those years managing people in the security field.
Strong background in IT Security, intrusion detection, and firewall technologies
Similar industry experience (apparel, retail, mass-merchant, high volume, etc.) preferred
Formally trained, certified and/or possessing equivalent experience in IT project and system change management
Expense, capital and project budget responsibility
Working, technical knowledge or experience in a maximum number of the following technologies, systems, processes: SAP, Internet, Security, LAN/WAN, Remote Access, MS Project, Microsoft, Wintel, Unix and AS/400 platforms, Apparel specific systems and applications, Telecommunications and Email technologies is preferred.
Documentation and presentation skills
Communication skills to upper management and staff members
Formally trained, certified and/or possessing equivalent experience in IT computer operations management
Like-industry experience (apparel, retail, mass-merchant, high volume, etc.) preferred but not required
Time and work management skills, multi-tasking
Broad base of IT experiences, knowledgeable of best practices and ability to define, develop and drive innovative solutions
Well balanced between tactical problem solving and ability to define strategy

IF YOU INQUIRE ABOUT OR APPLY FOR THIS JOB, PLEASE MENTION YOU FOUND IT THROUGH THE CISO EXECUTIVE NETWORK

Contact: Mike Stanziola | Director of Business Development | firstPRO Inc. | IT Division
VP of Membership HDI Philly - http://www.hdiphilly.org
215.599.9012 direct | 215-499-8461 cell | 215.599.9040 fax | www.firstproinc.com
1500 JFK Blvd - Suite 815 - Philadelphia, PA 19102