New York & Company, Inc.
New York City, NY, United States
Executive, Manager, IT, Chef, Food Services, Hospitality
We're looking for a talented and highly consultative Director of Security, Compliance & Risk to help spearhead RTW Retailwinds, Inc.’s security, data protection, IT risk management, and compliance programs.
You have a passion for hospitality and technology and have in-the-trenches experience with cybersecurity, PCI compliance, GDPR, BCP and SOC auditing. You are an advocate for building products and platforms responsibly and care deeply about protecting customers’ privacy rights and their data. You are detailed, process-driven, and understand the balancing act that is managing risk. Most importantly, you want to be part of an innovative and hardworking team.
As the Director of Security, Compliance & Risk, you will be responsible for designing, developing and implementing RTW’s security, data protection, business continuity process, IT risk management, and compliance programs. This is a highly visible role reporting directly to the Senior Director for Infrastructure and Security and working with senior leadership to run a responsible business by identifying risks and ensuring compliance for our customers. You will possess both the technical and communication skills to be successful in this endeavor.
Review, improve, create, and monitor security processes and company IT policies
Coordinate, monitor, develop, implement and maintain IT Compliance program
Create a framework that effectively measures compliance standards with information policies
Develop and maintain a strategy for managing security related audits, compliance checks and external assessments
Manage and implement PCI, SOC, GDPR, and other compliance programs
Create and execute a strategic annual Compliance Monitoring and Testing plan
Ensure IT compliance programs meet all industry applicable rules, regulations, standards, and laws
Track and ensure adequate and timely resolutions to all audit/review issues relating to IT compliance
Conduct Vendor (Third Party) risk assessments. Provide guidance, evaluation and advocacy on all audit responses
Create compliance reports as required
Bachelor’s degree in Computer Science, Engineering, or other related discipline
Minimum of 7 years of experience in IT Infosec, Technology Risk Management, auditing and at least 5 years working with IT management in compliance
Knowledge of ISO/IEC 27001, ITIL, COBIT, and NIST
Strong knowledge of Cloud Security requirements and relevant legal, regulatory, and privacy requirements
Knowledge of network, web technology, encryption, virtual private networks, internal, extranet, security, cloud computing (firewalls, remote access) and security management
Preferred certifications include:
Certified Information Systems Auditor (Manager) (CISA(M))
Certified Information Systems Security Professional (CISSP)
Certified Security Plus ( )
Website: http://www.nyandcompany.com