Job description
Director of IT Security and Compliance
Who are we and what do we do?
Edible® is a leader in the gifting category with delicious, hand-crafted offerings which we’ve expanded to a range of gifts and treats for every moment. From our signature Edible Arrangements® Fruit Bouquets, Dipped Fruit® boxes, fresh fruit smoothies and more, Edible’s exceptionally crafted gifts and treats continue to fill the world with goodness. Through Edible’s 1,000 independently owned franchise locations, the mission of the brand - no matter how big it gets - is to WOW you with every piece of fruit that’s dipped, box that’s filled or arrangement that’s hand-delivered.
Through all our incredible years, we’ve remained committed to our 5Ps:
Our promise–To WOW each and every customer.
Our products–Natural, novel and delicious.
Our places–Stores, vans and edible.com.
Our People–Both our corporate and in-store employees.
Our purpose–To celebrate what’s good in life.
Who we’re looking for:
Looking to join an exciting, fast-paced, growing company? Edible, LLC is looking to hire an experienced IT Security and Compliance manager to help maintain Edible’s PCI compliance and security programs.
How you’ll make an impact:
- Manage the company’s annual PCI Compliance efforts for the eCommerce sites. This includes working with internal teams as well as outside assessment groups.
- Work with internal teams to maintain ongoing PCI Compliance
- Conduct Vendor Risk Assessments by reviewing the data being provided and security controls of the vendor to ensure Edible’s data is being protected
- Conduct Internal Audits of corporate processes and provide recommendations and reports
- Manage the company’s People and Security Awareness Training Programs via online training, phishing campaigns, and reviewing reported phishing and security items
- Manage and maintain company Policies
- Manage relationship with PCI QSA and Pen Testing vendor
- Assist with data security and privacy issues, including, but not limited to, the right to delete and right to know requests.
- Measure and assess information security risk and key performance indicators within IT, including coordinating risk assessments and leading IT to control audits.
- Ensure compliance with corporate security policies as well as regulatory and contractual requirements.
- Recommend policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment for on-premises as well as cloud-hosted IT applications and infrastructure.
- Manage audit gaps: identify those within IT, take responsibility for remediating or closing audit findings, negotiate dates for closure, and track/report progress. Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders while working closely with the security team on priorities.
- Work closely with the internal compliance team to ensure proper control alignment, adherence, and timely uploads of evidence.
- Meet with both internal and external auditors to provide relevant evidence during audits and as needed.
- Work closely with cross-functional stakeholders on Security & Compliance related initiatives and projects
- Lead engagements with IT & security vendors for mutual success, acting as an inter-departmental Security consultant on all new vendor evaluations.
- Implement and develop new security tools and services to empower IT and partner teams.
- Collaborate with peers to write, review, and provide feedback on security & compliance specifications.
And here’s what we think you’re like:
- Minimum 5 years’ experience in Compliance, Security, or Governance
- Demonstrable knowledge of general industry best practices and security frameworks, including but not limited to ISO, NIST, PCI DSS, and SOC/SOX audits and controls
- Must have PCI Assessment Experience and ISA certification
- CISA, CISM or CRISC preferred but not required
- Significant experience with corporate compliance matters
- Deep understanding regarding the handling, storage, and maintenance of confidential information and personally identifiable information
- Demonstrated ability to work independently and manage multiple projects that require collaboration across functional areas
- Attention to detail and ability to carefully proofread all work with superior written and verbal communication, organization skills, and ability to prioritize and execute tasks effectively.
- Knowledge of and skill in using software including Microsoft Office suite and Adobe
- Ability to manage multiple priorities and deadlines through timely completion.
- Understanding of MDM frameworks and technologies (Jamf, Meraki, Intune)
- Experience with SSO technologies and integrations (OneLogin)
- A track record for documenting all things and communicating clearly.
What We Offer:
- Competitive Salary and Benefit plans
- Healthcare Plan including health/dental/vision insurance
- 401K Plan
- Section 125 Flexible Spending Account
- Life Insurance
- Short- and Long-Term Disability
- Paid time off
- Paid holidays