The Company is one of North America’s leading sales and marketing agencies specializing in outsourced sales, merchandising, category management, and marketing services to manufacturers, suppliers, and producers of food products and consumer packaged goods. The Company services a variety of trade channels including grocery, mass merchandise, specialty, convenience, drug, dollar, club, hardware, consumer electronics, and home centers. We bridge the gap between manufacturers and retailers, providing consumers access to the best products available in the marketplace today.
Essential Responsibility
Strategic leadership and management:
- Own development and execution of the cybersecurity engineering strategy and security architecture aligned with the company's business goals and legal requirements and oversee cybersecurity standards and procedures to ensure they are in accordance with applicable laws, regulations, and industry standards.
- Direct strategic risk guidance for IT projects, including evaluation and recommendation of technical controls and capabilities.
- Regularly review and refine the company's cybersecurity practices, leveraging technology and industry best practices to drive efficiency and effectiveness.
- Active in Merger and Acquisition activity, including company diligence and proposed integration strategies.
- Represents the cybersecurity and compliance department to the organization, and to internal/external stakeholders.
- Ownership of the cybersecurity 18-month technology roadmap and 3-year strategic plan.
Enterprise Information Security Management
- Educate company leaders on appropriate security risk and mitigation strategies.
- Responsible for the overall effectiveness and efficiency of cybersecurity platforms and systems.
- Develop and enhance cybersecurity capabilities by evaluating cybersecurity threats, trends, and testing activities.
- Educate company executives and leaders on appropriate security risk and mitigation strategies.
- Create comprehensive security reports for the executive leadership and board of directors that provide clear insights into the company's risk profile, compliance status, and governance effectiveness.
- Promote and integrate secure development practices across the software development lifecycle (SDLC).
- Ensure that all security engineering practices comply with relevant regulations, standards, and frameworks.
People and relationship management
- Develop relationships with stakeholders so that the VP position becomes the trusted single point of contact for stakeholders for all initiative communications.
- Act as a liaison between cybersecurity and other IT and business units, ensure effective communication, and integrate cybersecurity capabilities into business processes.
- Own a defined communication plan for stakeholders that includes specific deliverables on a set frequency (e.g.: daily calls, weekly or monthly status reports, quarterly roadmaps, etc.).
- Operational Responsibilities
- Own the day-to-day direction of team activities and project milestones.
- Own of department and project budgets from a capital and operating expense perspective.
- Establish and monitor KPIs and metrics, measure the effectiveness of cybersecurity programs, and report on the organization’s cybersecurity posture to senior leadership and the board of directors.
Supervisory Responsibilities
Direct Reports
- Hires, retains, trains, coaches, guides, directs, and develops direct reports using company-wide processes, tools and resources
Indirect Reports
- May delegate work of others and provide guidance, direction and mentoring to indirect reports
Minimum Qualifications
Education Level:
(Preferred): Master's Degree Or equivalent experience
Field of Study/Area of Experience: Computer Science, Cybersecurity, IT, or a related field.
10+ years of experience in cybersecurity engineering, architecture, operations, or cyber defense
Skills, Knowledge and Abilities
- In-depth knowledge of cybersecurity principles, industry standards, frameworks, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Controls),
- Excellent written and verbal communication skills, with the ability to present complex cybersecurity issues and strategies clearly to various stakeholders, including the executive team and senior leadership.
- Knowledge of relevant regulations and standards, including GDPR, SOX, PCI-DSS, NIST, and ISO 27001.
- Strong understanding of risk management and threat modeling methodologies and the ability to assess and prioritize risks effectively.
- Strong ability to analyze complex data, interpret compliance requirements, and develop effective solutions.
- Familiarity with internal and external audit processes and the ability to coordinate and respond to audit findings.
- Understanding of establishing and maintaining an enterprise cybersecurity framework.
- Proven skills in leading and managing high-performing cybersecurity teams.
- Experience in managing budgets, allocating resources, and procuring cybersecurity tools and technologies.
- Strong ability to lead and manage the engineering and architecture function, develop and execute strategic plans, and guide the organization towards its cybersecurity objectives.
- Ability to negotiate with, influence, and secure buy-in from various stakeholders, both internal and external, to achieve cybersecurity objectives.
- Proficiency in planning, executing, and monitoring multiple projects simultaneously to ensure they are completed on time and within budget.
- In-depth technical knowledge of core cybersecurity principles, practices, and methodologies.
-
Technical expertise with cybersecurity technologies, tools, and solutions, such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM (Security Information and Event Management) systems, and encryption technologies.
Commitment to ongoing professional development and continuous learning in the field of cybersecurity, risk management, and compliance.
Environmental & Physical Requirements
Additional Information Regarding Advantage Solutions Job Duties and Job Descriptions