Advantage Sales and Marketing Merchandising Jobs

Job Information

Advantage Solutions Senior Director Information Security and Risk Management in Irvine, California

Summary

Sr Director Information Security and Risk Management

Reporting to the VP and Chief Information Security Officer, the Sr. Director Information Security and Risk Management serves as a strategic leader for Advantage Solutions and is a key collaborator and partner with members of the leadership team in IT Security. The leader is a key contributor to the IT Security team and Advantage Solutions’ overall strategy and goals by providing consistent, coordinated leadership and operating in a partnership with leaders, stakeholders, and partners.

Job Duty

The Sr. Director, Information Security Risk Management’s responsibilities include but are not limited to:

  • Support the strategic initiatives of Advantage Solutions’ Information Security and Risk Management program designed around the defense-in-depth principle.

  • Lead the independent risk assessment of partners, suppliers, technology, security, and resilience programs and provide effective challenges to the design and execution of technical and procedural controls.

  • Engage within and outside the organization to conduct external benchmarking, gain knowledge and have situational awareness on the latest regarding risks regulatory changes, etc., and assess for gaps in current practices.

  • Lead in the development of enterprise information risk metrics (e.g. KRIs and KPIs) to continuously monitor, manage and improve program level risks.

  • Assure alignment of operational initiatives to Advantage Solution Information Security Risk Standards and Policies.

  • Consults as a senior advisor for our enterprise risk management capabilities regarding information risk.

  • Participate in the department’s financial tracking and budget preparation

  • Supports the CISO in the development and communication of strategy, roadmaps and initiatives to various executive audiences.

  • Establish key functions of the Enterprise Governance, Risk, and Compliance Management program with a focus on protecting the company’s assets.

  • Lead enterprise information strategies, planning, and priorities to expand our existing strategic risk management capabilities into the next level of tactical risks in cyber and business continuity, allowing us to identify and manage risks effectively.

  • Develop, implement, monitor, and report on all aspects of enhanced and robust policies, standards, controls, Third-Party Risk Management, Vulnerability Management, Identity and Access Management, Project Risk Assessment, and Compliance assurance capability.

  • Lead the development and implementation of information security policies, standards, controls, and compliance programs to meet regulatory and audit objectives.

  • Identify potential areas of security and compliance vulnerability and risk; develops/implements corrective action plans for resolution of problematic issues and provides general guidance on how to avoid or deal with similar situations in the future.

  • Identify and evaluate the organization’s risk areas and provide key input to the development of internal controls.

  • Provide and coordinate subject matter expertise during development or refresh of information security policies, standards and other guidance, as necessary.

  • Develop reporting processes to communicate progress of in-flight initiatives, risks and planned initiatives to senior executives and stakeholders in other business units.

  • Identification of risks within the scope of the discipline, including emerging technology, mergers and acquisitions, sales and marketing, architecture, governance, and use of technology platforms.

  • Partner with cross-functional business units to develop, initiate, maintain, and revise policies and procedures to ensure world-class security for the operation of enterprise compliance.

  • Partner with cross-functional operational business partners to oversee risk management frameworks and identifying shifts in the organization’s implicit risk appetite.

  • Hires, retains, trains, coaches, guides, directs, and develops direct reports using company-wide processes, tools, and resources

Qualifications

  • 15+ years experience in IT Security & Risk area with 8+ years in IT Security leadership/management

  • Industry knowledge of information risk management principles and organizational requirements that are relevant to confidentiality, integrity, and availability of data

  • Requires broad management knowledge to lead project teams in one department/function or large centralized function.

  • In addition, requires business acumen, strategic thinking, financial analytical skills, and decision-making skills.

  • Master's degree preferred; or combination of relevant work experience and education

  • CISM, CRISC, Data Privacy: one or more certifications preferred.

Responsibilities

The Company is one of North America’s leading sales and marketing agencies specializing in outsourced sales, merchandising, category management and marketing services to manufacturers, suppliers and producers of food products and consumer packaged goods. The Company services a variety of trade channels including grocery, mass merchandise, specialty, convenience, drug, dollar, club, hardware, consumer electronics and home centers. We bridge the gap between manufacturers and retailers, providing consumers access to the best products available in the marketplace today.

Essential Job Duties and Responsibilities

Job Duty

The Sr. Director, Information Security Risk Management’s responsibilities include but are not limited to:

-Supports the strategic initiatives of Advantage Solutions’ Information Security and Risk Management program designed around defense-in-depth principle.

Lead the independent risk assessment of partners, suppliers, technology, security and resilience programs and provide effective challenge to the design and execution of technical and procedural controls.

Engage within and outside the organization to conduct external benchmarking, gain knowledge and have situational awareness on latest regarding risks regulatory changes, etc. and assess for gaps in current practices.

Lead in the development of enterprise information risk metrics (e.g. KRIs and KPIs) to continuously monitor, manager and improve program level risks.

Assure alignment of operational initiatives to Advantage Solution Information Security Risk Standards and Policies.

Consults as a senior advisor for our enterprise risk management capabilities regarding information risk.

Participate in the department’s financial tracking and budget preparation

Supports the CISO in development and communication of strategy, roadmaps and initiatives to various executive audiences.

-Establish key functions of the Enterprise Governance, Risk and Compliance Management program with a focus on protecting company’s assets.

Lead enterprise information strategies, planning, and priorities to expand our existing strategic risk management capabilities into the next level of tactical risks in cyber and business continuity, allowing us to identify and manage risks effectively.

-Develop, implement, monitor and report on all aspects of an enhanced and robust policies, standards, controls, Third-Party Risk Management, Vulnerability Management, Identity and Access Management, Project Risk Assessment, and Compliance assurance capability.

Lead the development and implementation of information security policies, standards, controls and compliance program to meet regulatory and audit objectives.

Execute Annual Risk Assessment.

Identify potential areas of security and compliance vulnerability and risk; develops/implements corrective action plans for resolution of problematic issues and provides general guidance on how to avoid or deal with similar situations in the future.

Identify and evaluate the organization’s risk areas and provide key input to the development of internal controls.

Provides and coordinates subject matter expertise during development or refresh of information security policies, standards and other guidance, as necessary.

Develop reporting processes to communicate progress of in-flight initiatives, risks and planned initiatives to senior executives and stakeholders in other business units.

-Identification of risks within the scope of the discipline, including emerging technology, mergers and acquisitions, sales and marketing, architecture, governance, and use of technology platforms.

Partner with cross functional business units to develop, initiate, maintain, and revise policies and procedures to ensure world-class security for the operation of enterprise compliance.

Partner with cross functional operational business partners to oversee risk management frameworks and identifying shifts in the organization’s implicit risk appetite.

Supervisory Responsibilities

Direct Reports

  • Hires, retains, trains, coaches, guides, directs, and develops direct reports using company-wide processes, tools and resources

Indirect Reports

  • May delegate work of others and provide guidance, direction and mentoring to indirect reports

Travel and/or Driving Requirements

  • Travel and Driving are not essential duties or functions of this job

  • Travel up to 0%

Minimum Qualifications The following are the minimum job-related qualifications which an individual needs in order to successfully perform the essential duties and responsibilities of the job

Education Level: (Required) : Bachelor's Degree or equivalent experience

CISM

(Desired): CISA, CRISC

Field of Study/Area of Experience:

15+ Years of experience in Security

Skills, Knowledge and Abilities

Qualifications

· Industry knowledge of information risk management principles and organizational requirements that are relevant to confidentiality, integrity, and availability of data

· Requires broad management knowledge to lead project teams in one department/function or large centralized function.

· In addition, requires business acumen, strategic thinking, financial analytical skills and decision-making skills.

· Minimum 12 years prior relevant experience, including at least 6 years of management experience.

· Bachelor’s degree required.

· Master's degree preferred; or combination of relevant work experience and education

· CISM, CRISC, Data Privacy: one or more certifications preferred.

Key Job Competencies

· Leadership

· Executive presence

· Superior communication skills

· Builds trust and relationships

· Drives results

· Business focused

· Strategic Thinking

· High integrity, ethics and clarity of purpose

· Analytical

Environmental & Physical Requirements

Office / Sedentary Requirements

Work is performed primarily in an office environment.

Additional Information Regarding Advantage Solutions Job Duties and Job Descriptions

Job duties include additional responsibilities as assigned by one’s supervisor or other manager related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law.

Important Information

The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not intended to be an exhaustive list of all responsibilities, duties and skills required of associates so classified.

The Company is committed to providing equal opportunity in all employment practices without regard to age, race, color, national origin, sex, sexual orientation, religion, physical or mental disability, or any other category protected by law. As part of this commitment, the Company shall provide reasonable accommodations of known disabilities to enable an applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law.

Job Locations US-CA-Irvine

Primary Posting Location : City Irvine

Primary Posting Location : State/Province CA

Primary Posting Location : Country US

Requisition ID 2021-342804

Position Type Full Time

Category Professional: (IT, Finance, Legal, HR, Talent Acquisition, Administrative, Customer Service)

DirectEmployers