Academy Sports + Outdoors Job - 34693897 | CareerArc
Company: Academy Sports + Outdoors
Location: Katy, TX
Career Level: Director
Industries: Retail, Wholesale, Apparel

Description

Come work at a place where we take pride in creating a workplace environment that values hard work, commitment, and growth.

Job Description:

Education:

  • Bachelor's degree in Computer Science, Information Technology or similar field of study
  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

Work Experiences:

  • Minimum of seven to 10 years of experience in a combination of risk management, information security and IT jobs (at least five must be in a senior leadership role)

Skills:

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from C-Level to technical specialist.
  • Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization.
  • Sound knowledge of business management and a working knowledge of information security risk management and cyber security technologies
  • Up-to-date knowledge of methodologies and trends in both business and IT
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations
  • Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Payment Card Industry/Data Security Standard (PCI), and Health Insurance Portability and Accountability Act of 1966 (HIPAA)

Responsibilities:

  • Develop an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensure senior stakeholder buy-in
  • Develop, implement and monitor a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled and/or processed by the organization.
  • Provide regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program, thus supporting business outcomes.
  • Along with Information Security, also own the data and IT compliance function. Responsible for ensuring SOX and IT policy compliance is maintained with IT functions.
  • Own defining and enforcing IT policies, as well as SOX compliance for IT.
  • Work with the legal team to ensure that information security requirements are included in contracts by liaising with legal and procurement organization.
  • Lead the information security function across the company to ensure consistent and high-quality information security management in support of the business goals
  • Manage the budget for the information security function, monitoring and reporting discrepancies.
  • Evaluate new and emerging security products and technologies
  • Analyze the current enterprise information security infrastructure and identify areas of potential risks
  • Create and maintain documentation as it relates to security designs/configurations, processes, and requirements
  • Plan, monitor and implement enhancement requests, patches and upgrades
  • Builds security reporting and dashboard per requirements
  • Able to communicate the impact of cybersecurity on business to Executive leadership
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
  • Promote information security awareness throughout the organization through training, information security awareness sessions, and other related activities
  • Required to learn company policies, procedures and safety rules
  • Duties may change; Team Members may be required to perform other duties as assigned

Physical Requirements & Attendance

  • Regular attendance required
  • Acceptable level of hearing and vision to perform job duties
  • Adhere to company work hours, policies, procedures and rules governing professional staff behavior
Full time

Academy is an Equal Opportunity Employer and does not discriminate with regard to employment opportunities or practices on the basis of race, religion, national origin, sex, age, disability, gender identity, sexual orientation or any other category protected by law.

