At Macy’s, we’re moving fast—we’re at top speed to become America’s premiere omni-channel retailer. Macy’s technology hub strives to set the pace by providing seamless and compelling shopping experiences for our Macy’s and Bloomingdale’s customers. Macy’s Technology is creating innovative technology solutions to support these experiences and define the future of retailing.
Macy’s Technology is seeking a Director of Enterprise Threat Response. The Director will provide direction and leadership for threat management projects and operations, collaborate with Privacy, Legal, Fraud, Digital Site Support and other areas of the business as needed, and establish a single cohesive unified direction for security that will protect the Macy’s enterprise network, Macys.com/Bloomingdales.com, customer experience, and customers’ data. Performs other duties as assigned.
• Overall responsibility for leading Macy's enterprise-level threat management projects and ensuring positive results.
• Protecting the Macy's enterprise and ensuring security visibility across the environment is properly achieved and maintained.
• Collaborate with Legal and Privacy groups on enterprise security initiatives and act a single point of contact for security related items, and report efforts to management on a regular basis.
• Work with Audit and Compliance groups on active audits, vulnerability management, and risk assessment processes.
• Provide strategic leadership and planning in multiple security areas in an effort to protect Macy's from emerging malicious attacks and to protect both the Macy's enterprise and our customer’s data.
• Provide regular updates to senior management on security areas highlighting both strengths and any weaknesses that exist within the company's defenses.
• Consistently demonstrates regular, dependable attendance & punctuality.
• The selected Director will be a major influencer in the decision making process.
• Regular, dependable attendance & punctuality.
• Bachelor’s degree and minimum of 10 - 15 years of experience in IT or Information Security preferred.
• CISSP required, CISM or CRISC a plus.
• Strong working knowledge of Regulatory Compliance Requirements - including, but not limited to, PCI-DSS, SOX, and GLBA.
• Advanced level knowledge with security infrastructure design and architecture, for both new implementations and mitigating controls for existing infrastructure deployments.
• Experience designing, creating, and implementing enterprise wide security strategies, policies, and standards.
• Experience protecting large enterprise environments from both internal and external attacks.
• Strong working knowledge of Application and Web Security as it relates to vulnerability management and application flows and design.
• Advanced level knowledge in Security Incident Handling and Management, and vulnerability management processes.
• Advanced level knowledge in the areas of Governance, Risk Management, and Compliance controls.
• Expert level understanding of current and emerging security technologies, defense strategies, and industry standards.
• Must be able to determine and recommend security related products and activities to ensure a stable and secure environment.
• Excellent interpersonal skills, team building and communications skills (written and verbal).
• Ability to negotiate with external vendors and internal partners.
• May involve close vision, color vision, depth perception, and focus adjustment.
• Advanced level leadership, facilitation, and interpersonal skills, with the ability to work across functional lines and at many levels.
• Ability to work a flexible schedule based on department and company needs.
Macy’s Inc. is one of the nation’s premier retailers. With fiscal 2016 sales of $25.778 billion and approximately 140,000 employees, the company operates more than 700 department stores under the nameplates Macy’s and Bloomingdale’s, and approximately 125 specialty stores that include Bloomingdale’s The Outlet, Bluemercury and Macy’s Backstage. Macy’s, Inc. operates stores in 45 states, the District of Columbia, Guam and Puerto Rico, as well as macys.com, bloomingdales.com and bluemercury.com. Bloomingdale’s stores in Dubai and Kuwait are operated by Al Tayer Group LLC under license agreements. Macy’s, Inc. has corporate offices in Cincinnati, Ohio and New York, New York.
This job description is not all inclusive. Macy’s Inc. reserves the right to amend this job description at any time. Macy's Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.