Director, Information Security

Torrid Industry , CA 91714

Posted 7 months ago

The Director, Information Security plays an integral role in the leadership and development of the Information Security team and is responsible for securing customer, employee, and corporate data within Torrid. Specifically, this leader and his/her team is responsible for monitoring and reporting on the security health of Torrid's data systems, implementing and administering all cyber security technologies, delivering key cyber risk metrics to stakeholders at all levels of the company, maintaining data regulatory compliance, defining data security policies and guidelines. In addition, this leadership role will lead Torrid's Business Continuity and Disaster Recovery program.

What you'll do...

  • Build and lead key security roles within Torrid, including: Data Security Compliance, Security Operations, Security Engineering, and DevSecOps

  • Build and guide the Information Security team in developing individual skillsets to maximize personal growth and team success

  • Ensure Torrid is compliant with all data compliance requirements, including SOX, CCPA, GDPR, ADA and PCI

  • Develop and maintain Torrid's Cyber Incident Response Plan; ensuring all required participants are trained in response protocols

  • In partnership with Torrid's Information Technology teams, ensure that critical business systems are resilient to cyber events

  • Work alongside other Torrid teams to identify areas of cyber risk to the organization and assist with reducing those risks to acceptable levels

  • Define, direct, and oversee the execution of security processes in the areas of intrusion prevention, security event monitoring/SIEM, vulnerability management, privilege access management, web filtering, and VPN

  • Recommend security solutions that drive improvements in the capability and functionality of the cyber security program

  • Serve as a subject matter expert providing advisory services related to Torrid's security architecture strategy, as well as, security requirements for all internal and external business partners

  • Establish, monitor, evaluate, and report key performance and risk indicators (KPIs and KRIs) to provide leadership with accurate and timely information regarding the effectiveness of the information security strategy

  • Develop DevSecOps functions within Torrid and ensure code development is aligned with industry best practices

  • Manage the gathering and analysis of Torrid's data to ensure actionable information is available and responded in accordance with defined SLAs

  • Define 3rd party data security requirements and perform cyber risk assessments of Torrid's current and prospective 3rd party vendors ensuring all appropriate controls are applied

  • Maintain a roadmap for the development of security architecture and standards

  • Ensure that the Global Security Strategy is meeting the security and privacy needs of internal and external customers

  • Provide strategic and tactical security guidance for new and existing technical solutions

  • Communicate and promote the awareness of information security, information risk, and privacy to business units, customers and partners

  • Provide direct leadership of security projects to improve operational efforts

  • Participate in on-call support and issue escalation, as needed

  • Develops, oversees, and regularly tests IT disaster recovery procedures to assure business continuity for both central and distributed systems and services.

What you'll need...

Work Experience:

  • 5-7 years' experience in a Cyber Security leadership role reporting directly to the CIO or CTO.

  • 10 years' experience operating, monitoring and enforcing security policies, standards, tools, controls and systems in large scale organizations where you directly managed employees.

  • Prior experience with PCI compliance in a retail organization and implementing a NIST cybersecurity framework.

  • Deep understanding of Payment Card Industry (PCI) Data Security Standard (DSS), ISO 27001/27002, SSAE-16, COBIT, ITIL, Personally Identifiable Information (PII), NIST Cyber Security Framework, and other regulatory compliance, privacy standards, and legislation.

  • Broad understanding of Networking Protocols, Netflow, Routing, DNS, Firewalls (Palo Alto Networks and Cisco ASA), Wireless, Operating Systems (including Windows, MacOS, and Linux), Virtualization (VMware ESX), Databases (MS SQL, Oracle, MySQL), Payment Applications, Retail Operations and Processes (Oracle ORPOS and XStore), Cryptography, PKI, Patch Management, Scripting, Mobile Device Management, and Disaster Recovery

  • Educational knowledge or work experience with behavioral analytics technologies

  • Proficiency in managing onshore/offshore teams and large scale projects

  • Proficiency in establishing and maintaining effective working relationships with employees, business partners and third party vendors.

  • Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization

  • Strong understanding and/or experience with Security Information and Event Management (SIEM), Vulnerability Management, Penetration Testing, Authentication Methods, Identity and Access Management (IAM), Anti-Malware and Malware Analysis/Remediation, Intrusion Detection and Intrusion Prevention (IDS/IPS), Web Application Firewalls, File Integrity Monitoring (FIM), Incident Response/Forensics, Physical Access Controls and Security Best Practices

  • Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization


  • A "breaker" mindset. You ask, "How are things NOT supposed work?"

  • Excellent verbal and written communication skills with a wide range of audiences including executives, business stakeholders and IT team members

  • Great attitude and strong work ethic

  • High level of creativity, quick problem-solving capabilities and strong analytical skills

  • High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity

  • Must be a critical thinker with strong problem-solving skills

  • Ability to work on multiple projects and meet deadlines by setting priorities with work projects

  • Ability to establish and maintain effective working relationships with coworkers and clients

  • High degree of initiative, dependability and ability to work with little supervision.

  • Fluent written and spoken English


  • BA/BS degree in Computer Science, Information Security or equivalent mix of education and experience

  • Master's or other advanced degree in Cyber Security preferred

  • Professional security management certifications, such as Global Information Assurance Certifications, Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), Certified Information Security Manager (CISM), AWS Certified Security Specialty, Palo Alto Networks Certified Network Security Administrator (PCNSA), or other similar credentials desired.

What you'll get...

  • Our open floor plan allows for a creative, collaborative and fun environment.

  • A competitive benefits package including medical, dental, vision, 401k and paid time off.

  • Additional perks like a generous employee discount, access to employee-only sales, caf, masseuse, gym, fitness and yoga classes, basketball court, and more.

  • Can't forget Thirsty Thursdays during the summer!

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Security Guard Access Control & Truck Gate

Allied Universal Security

Posted 6 days ago

VIEW JOBS 2/14/2020 12:00:00 AM 2020-05-14T00:00 Overview We are North America's leading security services provider with over 200,000 phenomenal employees. At Allied Universal, we pride ourselves on fostering a promote from within culture. There are countless examples of individuals who began their career as Security Professionals and today hold positions on our senior leadership team. In fact, over 65% of our managerial positions are filled by internal candidates. For all full-time positions, we offer medical, dental and vision coverage, life insurance, 401K, employee assistance programs, company discounts, perks and more! We also offer part-time and flexible schedules! Start your phenomenal career with Allied Universal today! Job Description GRAVEYARD SHIFT Large Logistics Center City of Industry, CA Allied Universal is seeking Professional Security Guards. Our Security Guards allow us to contribute to our company's core purpose of providing unparalleled service, systems and solutions to serve, secure and care for the people and businesses of our communities. QUALIFICATIONS/REQUIREMENTS: * Be at least 18 years of age with high school diploma or equivalent * Possess effective written and oral communication and interpersonal skills with ability to deal with all levels of personnel and the general public in a professional and effective manner * Valid guard card/license, as required in the state for which you are applying. * As a condition of employment, employee must successfully complete a background investigation and a drug screen in accordance with all federal, state, and local laws * Display exceptional customer service and communication skills * Have intermediate computer skills to operate innovative, wireless technology at client specific sites * Ability to handle crisis situations at the client site, calmly and efficiently * Able to: * Work in various environments such as cold weather, rain/snow or heat * Occasionally lift or carry up to 40 pounds * Climb stairs, ramps, or ladders occasionally during shift * Stand or walk on various surfaces for long periods of time Closing Allied Universal provides unparalleled service, systems and solutions to the people and business of our communities, and is North America's leading security services provider. With over 200,000 employees, Allied Universal delivers high-quality, tailored solutions, which allows clients to focus on their core business. For more information: We proudly support the Veteran Jobs Mission, a group of over 200 companies that have committed to collectively hiring a total of one million military veterans. EOE/Minorities/Females/Vet/Disability Allied Universal Services is an Equal Opportunity Employer committed to hiring a diverse workforce. #ZR Requisition ID 2020-383486 Allied Universal Security Industry CA

Director, Information Security