Business Information Security Director

Company: JM Family Enterprises, Inc.
Location: Deerfield Beach
Posted on: January 9, 2022

Job Description:

What started with Jim Moran's passion for selling cars continues today with the dedication of every JM Family associate. We are one of the largest, most innovative and diversified companies in the automotive industry. And to continue driving forward, we rely on a growing team of 300 technology innovators to keep our systems operating at peak performance. Our professionals bring new ideas and innovations to work every day to solve complex challenges and address change, and to connect technology to people through agile development and design. But they do so while staying rooted in what makes JM Family such a special place to work: an atmosphere that promotes collaboration, a commitment to our core values, and a thirst for teamwork and achieving excellence. A commitment to our associates' well-being has always been a cornerstone of how we conduct business. It's in our DNA. Onsite wellness centers, top tier medical benefits, a focus on wellness, and planning for our associates' future through generous retirement savings plans are just a few of the ways we demonstrate our associate-first mission. At JM Family, we believe diversity is an opportunity, not an obligation. Our associates are the engine that drives us forward, and we are committed to maintaining a work environment where every contribution is respected. Along with our 4,300 associates, our five core values are JM Family's competitive advantage. Our company was built on the three C's - Consideration, Cooperation and Communication. Today, we also focus on Innovation and Accountability to lead the industry. Our founder Jim Moran instilled the spirit of giving back as an integral part of who we are. We keep his legacy alive by supporting meaningful programs and partnerships that drive stronger families in the communities where our associates live and work. Our efforts to reduce our footprint not only make smart business sense, but also conserve resources to create a stronger community for our associates, customers and partners. If you have a disability and require a reasonable accommodation to complete the job application process, please contact JM Family's Talent Acquisition department at talentacquisition@jmfamily.com for assistance. If you have an accommodation request for one of our recruiting events, please notify us at least 72 hours prior so that we may provide assistance.

FORTUNE 100 Best Companies To Work For is a trademark of Fortune Media IP Limited and is used under license. Posted Date 2 days ago (7/12/2021 1:59 PM) Requisition ID 2021-5528 # of Openings 1 Job Family Information Technology Overview JM Family Enterprises, Inc . is one of the largest, most innovative and diversified companies in the automotive industry. JM Family has been on Fortune Magazine's Best Companies to Work For for 23 consecutive years. What started with Jim Moran's passion for selling cars continues today with the dedication and hard work of every JM Family associate. Our principal businesses focus on vehicle distribution and processing, finance and insurance, retail vehicle sales, and dealer technology services. At JM Family, our mission is to be the premier provider of quality products and services. We accomplish this mission by adhering to our core values, the three C's, the I and the A: Consideration, Cooperation, Communication, Innovation, and Accountability. Job Description The Director of Business Information Security (DBIS) is the Security leader for their assigned business unit. They will fill the role of Information Security educator, advisor, evaluator, and strategist to the business' upper management team. The DBIS will also assist the Business IT teams that service the business units.
Combining business acumen with technical/security knowledge, the DBIS is accountable for driving Information Security and Assurance through partnering with Business unit leadership. The DBIS will understand the key assets and processes, understand the compliance/regulatory environment the business operates in, identify, and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies where necessary. Additionally, the DBIS will ensure business compliance with Information Security Policies, Standards, and Controls while continuously monitoring and reporting on risks and documented exceptions. The DBIS is accountable to help the business achieve its objectives while maintaining an appropriate security posture.
The DBIS will work closely with the CISO and Information Security leadership. Tasks:

• Develop and maintain a deep comprehension of business unit processes, systems, technologies, data, customers, consumers, partners, and the compliance/regulatory environment the business operates in.
• Perform Security and Risk assessments of the business' security position specific to that business unit's data and risks. Consider requirements resulting from formal audits, compliance, and regulatory requirements.
• Act as the Security leader and liaison to InfoSec management for the business.
• Create awareness of existing Information Security tools/processes/capabilities in the business, make recommendations, and drive application. Communicate, oversee, and carry out implementations of security solutions required to meet business objectives.
• Elicit upcoming business changes that could have InfoSec implications. Influence the overall future InfoSec roadmap in ways that will meet JM Family's enterprise security needs while allowing the Business to achieve its objectives.
• Provide escalation path for security issues, business perceived security risks, incidents, and inquiries including projects and day-to-day operations.
• Partner with local Compliance, Legal, BU IT resources to achieve effective working relationships that can further the effectiveness of the Security program.
• Implement Information Security Policies and Standards across the business unit.
• Proactively identify and report on non-compliance and areas of potential improvement.
• Define, measure, and monitor meaningful metrics for the Business related to their current security position and the effectiveness of the InfoSec program. (Includes monitoring progress against strategic plans and priorities.)
• Provide timely reporting on the status of cybersecurity across the business unit, including demonstrating the value of the InfoSec program to the business.
• Work with Security Incident Response, Crisis Management, and the Business teams to assist in effectively driving incidents to acceptable resolution.
• Understand the Information Security demand needs of their assigned area of duty including projects and product teams. Work with the appropriate resource managers to establish resource availability. When there are resource limitations, the DBIS should shape demand by speaking with the Business to prioritize their requests.
• Participate in projects to reduce InfoSec resource needs. Job Requirements
  • Bachelor's degree required, preferably in computer science or information systems.
  • 10+ years of related experience, including cybersecurity and/or risk management experience in organizations of a similar scale or client-service experience in the field.
  • Broad knowledge and experience across IT infrastructure with security frameworks and standards such as ISO 17799/27001, NISPOM, PCI, and other relevant security-related regulations.
  • Proven knowledge and experience across multiple information protection and security domains.
  • Ability to frame and convey security and risk-related concepts to technical and non-technical audiences at various levels.
  • Comprehension of and ability to effectively apply trends and developments in the area of global security and risk management.
  • Advanced generalist - organizational skills and experience, including project- or role-based experience in the following: policy and standards, risk management and reporting, and change management/adoption.
  • C-level and executive interaction experience; demonstrated experience driving strategy and initiatives with cross-functional executive level stakeholders.
  • Demonstrated ability to drive organizational change and work with multiple business units of an organization to effect change.
  • Strong relationship, team building, and facilitation skills.
  • Experience with developing Business Cases.
  • Experience working in Agile or Waterfall methodology and a deep understanding of phased approaches to the Software Development Life Cycle.
  • Professional security certifications such as CISSP, CCISO, GIAC, or CISA is a plus. Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.

Keywords: JM Family Enterprises, Inc., Deerfield Beach , Business Information Security Director, Executive , Deerfield Beach, Florida