Job Title: Director, IT - Hybrid Remote in Boise, Idaho
Pay range: $160,414.00 – 240,621.00
Savers Benefits
Geographic & job eligibility rules may apply
Healthcare Plans
Comprehensive coverage (medical/dental/vision) at a reasonable cost
Specialized health programs – Improve wellness (quit smoking, counseling, diabetes management, chronic joint pain)
Paid Time Off
Sick Pay
Vacation Pay
Paid vacation time begins accruing on hire date
Accrual rate ranges from .019 to .038 per regular hour worked
Holiday Pay
Based on position and full-time/part-time status
6 paid holidays plus 1 to 2 additional floating holidays
Team member discounts
Up to 50% off store merchandise
Flexible spending accounts
Use pre-tax dollars for eligible health and day care expenses
Employee Assistance Program (EAP)
A whole suite of free tools and resources to manage life’s challenges and maintain a healthy work-life balance
Life insurance
Company provided peace of mind and the option to purchase a supplemental plan
Additional Benefits
Annual Bonus
Performance Merit Increases
Disability Insurance
Parental Leave
Who we are:
As one of the largest for-profit thrift operators in the United States, Canada and Australia for value priced pre-owned clothing, accessories and household goods, our mission is to champion reuse and inspire a future where secondhand is second nature. We supply our stores with gently-used, one-of-a-kind items that have been donated by the community to local nonprofit organizations. We purchase these items directly from our nonprofit partners, redirecting billions of pounds of used items away from landfills and on to our store racks and shelves for reuse, and providing our partners with valuable funding for their community-based programs and services. You’ll often hear us say that we are “Thrift Proud.” It’s the millions of loyal customers who visit our 300+ stores and our more than 22,000 team members that make it possible. Learn more about the Savers® family of thrift stores, our impact, and the #ThriftProud movement at savers.com.
Our brands are Savers (in the U.S.), 2nd Ave (in the U.S.), Value Village (in the U.S. and Canada), Unique (in the U.S.), Village des Valeurs (in Quebec) and Savers Australia.
What you can expect:
The opportunity to celebrate uniqueness. We are made up of people from many different backgrounds, experiences, and perspectives, all with something special to contribute.
To work in a purpose-driven company, with a business model that people love for our impact on both the planet and local communities.
An investment in the career path interests of our people. With our aggressive store expansion plans, we recognize the importance of the continued growth and development of our team members.
What you get:
Comprehensive onboarding and training from day one.
In-house expertise! Our training department / Savers University develops and delivers robust training to every team member across our organization — from new hires to senior executives. We develop around 90% of our training internally, and partner with a variety of renowned providers to supplement our offerings.
What you’ll be working on:
Summary:
The Director, IT Security is a senior role within the Savers IT organization providing leadership and technical expertise for cybersecurity, acting as a trusted advisor to business and IT stakeholders across Savers, the largest for-profit thrift retailer in North America.
The role of the IT Security Team is to oversee the design, implementation, and maintenance of systems and processes that safeguard enterprise information, computing assets, intellectual property, team member and customer privacy, while providing data risk and compliance oversight. Primary focus includes overseeing the implementation of appropriate information technology and supporting control measures to insure the protection of electronic information, computer security and customer confidence. This position will co-chair the Information Security Committee (ISC) and work with internal stake holders to provide organizational efficiencies through the implementation and maintenance of a transparent Information Security Program that enables the business, and implements information security, privacy initiatives, standards, and controls. This position is a member of the Information Technology senior leadership team, reporting to the Chief Information Officer (CIO).
Essential Job Functions:
·Oversee the ongoing strategic implementation of an enterprise-wide cybersecurity program, aligning with company security objectives and industry best practices.
·Author, communicate, and enforce cybersecurity policies, ensuring compliance with standards.
·Lead the design and execution of a Savers-wide cybersecurity Awareness program for all employees.
·Coordinate responses to any cybersecurity or data breaches, utilizing advanced incident response strategies.
·Provide expert guidance on cybersecurity controls across the enterprise, including intrusion detection, virus protection, and access control.
·Lead the IT Compliance function, responsible for SOX compliance and general IT control compliance via the CIS framework.
·Manage the information security function comprehensively, including recruitment, development, and budgeting.
·Prepare and present (along with the CIO) the quarterly cybersecurity review to the Audit Committee of the company’s Board of Directors.
·Actively represent the organization on high-level boards and steering committees.
·Collaborate on operational risk management activities to enhance brand value.
·Identify protection goals, objectives, and metrics consistent with the strategic plan and risk management principles for the company.
·Collaborate with the Information Security Committee and other leaders to prioritize security initiatives and spending.
·Oversee the annual PCI audit and other security and IT compliance activities (i.e. IT elements of SOX controls audit).
· Strategically engage external security firms for specialized advisory activities, including PCI audit services and penetration testing.
What you have:
Required Knowledge, Skills and Abilities:
·Ability to demonstrate cybersecurity experience via certifications (CISSP, CISA, CRISC, CISM, etc.) or significant career accomplishments.
·Demonstrated understanding of cybersecurity best practices including CIS, NIST 800-53, ISO27001, and PCI DSS with demonstrated experience working with one or more of these frameworks.
·Working knowledge of information privacy requirements as it relates to Personally Identifiable Information (PII)
·Expert level understanding of key network and technical security controls
·Experience with managing cybersecurity spend and understanding the tradeoffs in managing risk vs. cost, and how risk influences decisions to make cybersecurity investment decisions.
·Experience participating in and coordinating activities for cybersecurity incident responses
·Proven ability to lead and develop a highly technical cybersecurity and IT compliance team
·Ability to work and effectively prioritize in a highly dynamic work environment
·Experience with disaster recovery planning and testing, auditing, risk analysis, business resumption planning, contingency planning; and other security mechanisms; as well as contract and vendor negotiation experience
·Must be an articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate cybersecurity-related concepts to a broad range of technical and non-technical staff
·Possess a strong balance of business acumen and technology knowledge
Minimum Required Education, Training and Experience:
·10 - 15 Years of progressive experience in computing and information security, including experience with cybersecurity in a Retail environment
·BA or BS in Computer Science, Information Management, or related field. Masters a plus.
·15+ years of relevant and demonstrated experience in Enterprise level Information Security management and program execution may be used in lieu of educational requirements
Certifications:
·Industry certification including CISA, CISM, CRISC, CIPP/US are a plus.
Physical Requirements:
·The ability to communicate and understand the spoken word are important as well, for example:
·Ability to express or exchange ideas by means of the spoken word.
·Ability to receive detailed information through verbal communication, and to make the discriminations in sound.
·Ability to receive detailed information visually through written communication (both physical and electronic).
FLSA: Exempt
Travel: 10% or less
Work Type/ Location: Hybrid Remote in Boise or Greater Seattle Area
Savers is an E-Verify employer