Director of Security Operations

Recruiter
Neiman Marcus
Location
Irving, Texas, United States
Posted
25 May 2022
Closes
03 Aug 2022
Ref
21477
Function
Technology
NEIMAN MARCUS GROUP

Neiman Marcus Group (NMG) has been the premier destination for luxury fashion and goods, superior service, and an elevated retail experience for more than a century. Today, 9,000 associates contribute to the success of NMG's brands: Neiman Marcus, Bergdorf Goodman, Last Call, and Horchow. There are 38 full-line Neiman Marcus stores in cosmopolitan markets across the United States and a sophisticated digital platform that attracts shoppers worldwide. Bergdorf Goodman operates two stores in landmark locations on Fifth Avenue in New York City and BergdorfGoodman.com, catering to loyal luxury customers globally. NMG also owns five Last Call stores and Horchow.com, an e-commerce site that offers premium furniture and home decor.

As an organization, NMG is on a transformational journey to become the preeminent luxury customer platform. NMG continues to deliver the best integrated customer experience and has evolved the business to succeed in the ever-changing retail landscape. NMG is a relationship business. What differentiates the organization from other luxury retailers are its unique assets: a strong store footprint, the most knowledgeable associates, an engaging online experience, solid brand partnerships, innovative digital and in-store experiences, the most loyal luxury customer base, and a strong balance sheet.

Our customers will always be at the center of everything NMG does. The company continues to reinvest in new technologies that enhance the customer experience. NMG meets customers where they are. NMG's goal is to offer customers a seamless experience across its stores, online, and remote digital selling.

NMG's priority is to develop a highly engaged and high-performing team where everyone belongs. The business attracts and retains best-in-class talent through unique offerings provided to associates in addition to standard employer benefits. These include an innovative way of working, associate discounts on merchandise, tuition reimbursement, associate hardship fund, and paid time off to volunteer, to name a few.

As part of NMG's Environmental, Social, Governance (ESG) work, the organization is focused on driving its core value of being "All Heart." NMG is also assessing its current environmental and social impact while developing a three-year plan to lead the luxury industry in its commitment and transparency to environmental and social sustainability. NMG strives to become an employer of choice, driven by a culture of Belonging. A dedicated team focuses on this journey, directly impacting how NMG conducts business throughout the workforce, workplace, and marketplace dimensions.

NMG has incredibly passionate and committed corporate and store associates. NMG offers associates an environment where everyone feels welcomed, nurtured, and empowered. Our associates are the heart of NMG. As an organization, NMG leads with love - love for customers, love for associates, and love for brand partners.

Neiman Marcus Group (NMG) is looking for a dynamic, motivated, creative, disciplined, self-starter with excellent interpersonal skills to lead the core security operations team under the Chief Information Security Officer.

The Director of Security Operations will be responsible for all routine operational components of Neiman Marcus Group's (NMG) Information Security Program. Major components of this program include oversight over the managed security service provided by a third party SOC provider and the development and maintenance of an incident response program and a crisis management program.

The Director of Security Operations will a lead small team of analysts in establishing oversight and reporting over security technologies that are being utilized within the Neiman Marcus Group. In effect, the Director of Security Operations will lay the foundation of an effective information security program by building several of the capabilities from the ground up.

PRINCIPAL ACCOUNTABILITIES:

      • Development of appropriate policies, procedures and guidelines to govern day to day security operations
      • Oversight over the managed service provider for SOC services
      • Monitoring of alerts produced by the SIEM system and ensuring appropriate incident response
      • Creating and maintaining a forensics program to ensure that incidents can be duly investigated
      • Creating and maintaining an Incident Response program to ensure that the appropriate playbooks exist outlining responses to various types of cybersecurity incidents
      • Oversight over the company's identity and access management strategy and roadmap
      • Ensuring that a patch management program is in place and is being followed by the infrastructure services team
      • Creating and maintaining a threat intelligence program to ensure that relevant security concerns are identified early and appropriately socialized with the various teams
      • Ensuring that a comprehensive vulnerability management program is implemented and maintained
      • Ensuring the end point security controls are operating effectively
      • Maintaining a security awareness program


INTERNAL/EXTERNAL RELATIONSHIPS (Scope ):

INTERNAL:

Interacts daily with the Neiman Marcus Product and Technology teams, the Managed Services Provider (onshore and offshore), the IT Vendor Management Organization, IT Project Management Office, and various contracted IT resources. Meets frequently with various business units to assess and evaluate information security services.

Must be able to build relationships with technology and business teams across the company. An outgoing, well spoken, mature personality is a MUST for this position.

EXTERNAL:

Interacts routinely with vendors, service providers, consultants/advisors, law enforcement agencies and professional organizations.

KNOWLEDGE AND EXPERIENCE GUIDELINES:

  • Bachelor's or Master's degree in a computer or information management field is required. Candidate MUST have a current CISSP.
  • Ten or more years' experience in an Information Security role, currently serving as Director of Information Security in a reputable company, with hands on experience in a multitude of security technologies to include, but not limited to:
  • Logging and monitoring systems
  • Intrusion detection and prevention systems
  • Proxy filtering systems
  • Scanning and vulnerability management systems
  • Identity and Access Management Technologies
  • Advanced Malware Protection
  • Email security system
  • Threat Intelligence
  • Experience with heterogeneous operating systems and technologies such as Windows, UNIX/Linux, Mainframe, Palo Alto, Juniper and Cisco etc. Must have some familiarity with cloud based technologies and environments.
  • Demonstrated experience with managing teams in a high paced environment. Understanding of security metrics and creation of effective dashboards for management review and consumption.
  • Experience with implementing and documenting PCI and SOX-404 controls
  • Excellent interpersonal and communications skills (oral and written)

Similar jobs

Similar jobs