Sr. IT Security Manager

Business Unit Overview

Here's what all the hype is about: Premier Nutrition Company (PNC) is one of the fastest-growing companies in the convenient nutrition space showing clear leadership in the category of protein shakes and protein powders. We make the brands Premier Protein, Dymatize, and PowerBar, which is sold internationally, and we are part of our holding company, BellRing Brands (NYSE: BRBR).

We have a simple, yet powerful, formula for our success, which we've been nailing for over 15 years. We start off with an organization powered by our company purpose-Changing Lives with Good Energy. Then our purpose-driven people are given the support and autonomy to develop and grow. Next, we are super-intentional about designing a culture where everyone feels like they truly connect and belong, which is one of our five company core values. Purpose-driven, connected employees who are consistently mastering new skills deliver amazing business results. And winning companies with amazing people and thriving cultures attract and retain top talent, so the cycle becomes self-reinforcing or what we call our regenerative culture.

We don't mind sharing our formula since, as people who we believe in the power of changing lives with good energy, we think the world would be a better place if more workplaces treated adults like adults and gave them the platform to do the best work of their lives-alongside some truly amazing colleagues. Why don't more companies do this? It takes deep-in-your-bones conviction to your people, products, and purpose to pull it off. It also takes resisting the urge to try to control people, and instead trusting them to make the right decisions. The results of our vibrant culture speaks for themselves: We were certified as a Great Place to Work for the 7th year-running in 2023. And we currently rank #2 on Fortune Magazine's Best Workplaces in our category, and in the top 12 for each of the last 5 years.

We have a long list of ways we take care of our people, but here are some crowd-pleasers that our employees often say they love most: Year-round ½ day Fridays, in-office massages, free lunches & snacks, dogs in the office, month-long cultural annd diversity celebrations, monthly over-the-top in-office events like bring your kids to work day, 6% 401k match after 1 year, as-needed sick leave, generous paid family leave regardless of gender, all positions bonus-eligible, company-wide volunteer days, company-matched charitable donations, no employee handbook, no dress code, coaching conversations instead of performance reviews, walking meetings, free exercise classes, and company-paid gym membership for Emeryville-based employees.

PNC seeks individuals who will flourish in this type of work environment and will add to our culture and help build this high-growth company for the next phase in our amazing journey. Does this sound like you? Then read on…#LI-hybrid

Responsibilities

The Role…

The IT Security Manager's primary responsibility is to manage, troubleshoot, deploy, and secure Bellring Brands Information Systems. This includes everything within the NIST Security Framework including policy development, risk assessment, system selection/administration, incident response, and proactive defense/identification. This role will also have some system administration responsibilities over relevant IT security controls and operations. The right candidate will have a proven track record in developing the best security programs and improving PNC's security posture

This position will be based out of our 60,000 sq. foot, modern Emeryville, California office. WE ARE A CULTURE OF PERSONAL CONNECTON, WHICH IS WHY WE'VE CHOSEN A PERMANENT HYBRID WORK ENVIRONMENT WITH NORMS THAT EQUATE TO 2-3 DAYS MID-WEEK IN THE OFFICE FOR EMPLOYEES BASED IN NORTHERN CALIFORNIA.

The expected pay scale this role is $170k to $180k, which may vary based on relevant experience, qualifications, geographic area (if applicable), and internal equity for the role.

You're excited about this opportunity because your time will be filled with…

IT Security Leadership: 35% of Time

• Build and implement strategy around information security, information governance, data loss prevention, data classification and labeling, retention/deletion, legal hold processes, identity and access management, identity governance, cloud architecture

• Research and recommend security improvements to our Information Systems

• Stay abreast of changes/vulnerabilities in the security landscape

• Improve user awareness, education, and security adoption

• Participate in reviews and audits of various security controls

• Improve the existing vulnerability management reporting system. Upgrade monthly/quarterly analytics and vulnerability KPI/Metric reporting for executive staff.

• Ensure the security of all data, resident on the network and endpoints

• Interface with peers in all departments as well as with leaders of the business units to both share the corporate IT security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.

• Develop and maintain a strong and effective team with clear accountabilities and direction

• Administration, Support and Maintenance of Enterprise Infrastructure: 25% of TIME

• Monitor existing security tools and processes for anomalies and generate appropriate alerts when these anomalies are detected

• Participate in Incident Response investigations and related remediation efforts

• Participate in reviews and audits of various security controls

• Recommend "best practice" Microsoft security solutions to security-unique challenges

• Provide guidance on setting and maintaining the security aspect of different M365 services such as Email, Teams, SharePoint, OneDrive, and Power Platform services Azure and Sentinel

• Create reports using various office tools (PowerPoint, Excel, Word, Tableau, PowerBi) for various security management needs

• Gather and report on various security metrics. As directed, develop the processes to capture and report on new metrics

• Helps in determining the methods, instrumentation, training, documentation, and processes for imple-menting security controls

Projects: 25% of Time

• Implement security program across all business units and improve security position

• Design and implement security and/or compliance solutions for M365 including Microsoft 365 Defender, Azure Sentinel, Microsoft Information Protection, Microsoft Cloud Application Security

The daily stuff that everyone does but few quantify: 15% of Time

• Attending meetings and presentations

• Participating in company-wide activities and events galore

• Impromptu conversations with colleagues

• Administrivia like email, calendaring, expense reports, and other non-value-added work

Qualifications

What are we looking for?

Education:

• Bachelor's degree in a related field or equivalent years of industry experience

Experience:

• 6+ years relevant IT experience

• Microsoft O365 security & Azure experience strongly preferred

• Experience with foundational infrastructure elements like networking, Azure active directory, Azure, SharePoint, file storage, permissions and access control, etc.

• Experience with system management tools such as Intune and MCAS

• Experience of NIST Cyber Security Framework (CSF) and the CIS Critical Security Controls

• Experience with SIEM software and log collection facilities

• Experience in information security, malware, and infrastructure security

Skills:

• Excellent verbal and written communication skills

• Ability to effectively communicate and develop project plans with outsourced providers

• Ability to function effectively in a complex rapidly changing environment.

• Ability to provide recommendations to adjust systems or processes to prevent issue recurrence

• Ability to prioritize, troubleshoot, track, and resolve day-to-day issues

• Solid understanding of business security practices and procedures

So, if after reading through this long list you're thinking-I'm not sure I meet 100% of these requirements, should I still apply? YES-if you embody a growth mindset, see challenges as opportunities to develop, and find innovative ways to get the real work that matters done, you sound like our kind of candidate!

Five capabilities that differentiate this role and are key to candidate success:

1.Being all-in

2.Drive and own results

3.Learning & growth mindset

4.Adaptability

5.Be a builder

You will thrive here and may just do the best work of your life if…

• You are comfortable being natural, casual, open, and even a bit playful at work

• You can be friendly, vulnerable, and self-deprecating in one moment, and deal with a challenging, delicate matter as a professional in the next

• You can do periods of focused, deep work on projects that drive the needle

This may not be your ideal next career move if…

• You like a lot of structure, rules, and uniformity

• You like order, hierarchy, command and control management

• Dealing with ambiguity or experimentation are not your jam

• You try to resolve challenging interpersonal situations over email or instant messaging

• You tend to chase whatever shiny object presents itself during the day even if non-strategic

If we haven't convinced you to apply already, here are some of our favorite perks and benefits:

• Friday afternoons off year-round (and of course a hefty PTO package plus 11 holidays)

• 6% 401K match. Literally free money

• Hybrid work with an average of 2-3 days a week in the office for local folks

• All jobs are bonus-eligible

• Work-out time during work

• Free custom lunch twice a week. Plus, plenty of snacks and shakes.

• 2 weeks of work from anywhere time to move your Big Rocks

• Quarterly team building events/happy hours (city-wide scavenger hunt, bowling, ropes course, putt-putt)

• Bring your dog to work (3 days/week)

• Extended paid parental leave regardless of gender or familial make-up

We strive to create an equitable and inclusive environment to contribute to the success of our organization. Premier Nutrition provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, status as a covered veteran and any other category protected under applicable federal, state, provincial and local laws.