ApplyDescription
365 Retail Markets is the global leader of self-service technology and convenience solutions for the food service industry. Through our combination of MicroMarket, vending, and dining technologies, we offer the best in class point-of-service platform for the workplace. For the last decade, 365 has been pioneering innovation and winning multiple awards for revolutionizing the market with superior technology, strategic partnerships and ultimate flexibility in customization and branding. At 365, we are committed to supporting our customers and employee’s success!The Director of IT and Security is a technology thought leader, experienced in strategy, planning, governance, and management.
The successful candidate will be an integrator of people and processes, a problem solver, an effective consultant, and have strong knowledge of modern cloud infrastructure, traditional IT infrastructure, information security, product deliver, and customer service. The successful candidate will be responsible for leading, creating, and executing 365’s IT and infosec strategy, and managing a team of technology professionals.
Responsibilities
- Develop a cohesive information security strategy to protect data across technology stacks, software platforms, IT infrastructure, and cloud providers.
- Maintain ownership of company Information Security Policy; initiate, plan, execute, and audit accompanying processes required to adhere to Policy.
- Accountability over 365’s baseline of security controls across business entities.
- Identify, assess, and prioritize information security risks and vulnerabilities. Develop and execute risk mitigation plans to safeguard against potential threats and breaches. Establish and present risk reports to senior leadership.
- Establish and own security incident response strategy across the enterprise.
- Manage and maintain the company's IT infrastructure, including networks, servers, tools, systems, and software applications. Ensure that IT systems are secure, resilient, and efficient to support business operations.
- Maintain near 100% uptime for critical business systems.
- Establish and maintain dashboards and reports to support customer SLA agreements for uptime.
- Design disaster recovery infrastructure that can be regularly validated and tested.
- Translate business or infrastructure needs into task-based projects. Assign to team members and track through completion.
- Facilitate team meetings - projects, metrics, SLAs, customer satisfaction, escalations, upcoming maintenance, ETC.
- Diligently track key performance metrics and communicate to senior leadership in dashboards and reports.
- Maintain and establish relationships with vendors.
- Lead security and compliance audits like PCI-DSS, SOC2, and NIST CSF.
- Integrate security and compliance strategy into new product development.
- Procure adequate resources to achieve departmental objectives in planned timeframes.
- Manage information technology budget.
- Stay abreast of changes to the technology landscape; proactively discuss and provide recommendations to senior leadership to facilitate necessary internal changes.
- Other duties as assigned.
Requirements
- Master's degree (M.S.) in Computer Science or significant experience of over 10+ years in a related field.
- 7+ years IT and Security management experience working with modern applications and infrastructure.
- CISSP, CISM, or related certifications highly desired.
- Strong experience with audit frameworks like PCI-DSS, SOC2, ISO-27001, and NIST CSF.
- Experience with privacy regulations like GDPR, CCPA and CPRA.
- Experience with security tools and technologies, such as SIEM, IDS/IPS, DLP, endpoint protection, WAFs, and encryption.
- Other tools: Jira, Confluence, Zendesk, SharePoint, Visio, Excel, Word, and PowerPoint
- Ability to recruit, train and retain talent.
- Strong knowledge of roadmaps and portfolios.
- Strong leadership, diplomatic, communication, interpersonal, and motivational skills.
- Proven ability to demonstrate a drive for results and accountability of business needs.
- Proven ability to work in an ambiguous environment and collaborate across multiple areas to achieve a common business objective.
- Support diverse and inclusive work environment.