Director of Information Security Engineering and Operations

Posted Date: Nov- 1-2021

Job ID: 21800

Job Type: Full Time

Job Function: Information Technology

City: Seattle

State: Washington

Store: Seattle HQ

Remote Eligible: No

Please visit the Covid-19 Hiring Updates before applying

What's cool about this job

The Director, Security Engineering and Security Operations is accountable for REI’s overall Information Technology (IT) security program. This includes but is not limited to leading security architecture and engineering, vulnerability management, security portfolio and program management, security operations center. The person in this role is the champion and advocate for IT security and works closely with REI’s enterprise risk management and security organization. This job contributes to REI’s success by developing, recommending and leading planning, strategies, and implementation of REI’s IT security program to ensure the IT environment (applications, infrastructure, SaaS, Cloud Services, and on premise data centers) is secure and protected from intentional or inadvertent modification, disclosure or destruction. Leads, coordinates and collaborates with IT leaders, managers, and staff to implement tools and processes throughout the security development lifecycle for intrusion detection and protection. The director actively keeps abreast of new technology and IT service delivery methods to ensure REI is up to date with current IT security practices.

Leading the Way:

· Identifies and communicates key responsibilities and practices to ensure the organization promotes a successful attitude, confidence in leadership, and teamwork to achieve business results.

· Supports the implementation of company programs, procedures, methods and practices to promote REI key messages.

· Oversees training and development of employees directly and indirectly managed and makes effective staffing decisions.

· Provides coaching, direction and leadership support to employees in order to achieve department, company and customer results.

· Monitors operational statistics, reports trends, variances and issues, and takes appropriate action.

Your Planning & Navigating Requirements:

· Accountable for identifying and assessing IT security-related issues currently and potentially impacting IT and business performance.

· Oversees IT security architecture including but not limited to roadmaps, assessments, principles, standards and security development lifecycle. Aligns with Enterprise Architecture on architecture principles and standards.

· Accountable for overseeing security operations center and associated tools.

· Directs the development of tools and design or re-engineering of processes for intrusion detection and prevention based on current best practices in the industry.

· Oversees vulnerability management including scanning, testing, remediation, and reporting.

· Participates in division strategic planning, applying a current knowledge and future vision of technology and systems which significantly impact the effective execution of business processes.

· Prepares budget recommendations for staffing needs, costs of equipment and tools, maintenance, and future projects. Sets IT Security and Risk Management investment portfolio in conjunction with IT leadership.

· Collaborates with other IT department leaders to identify business needs; plan, schedule, and coordinate work; and ensure integration of business needs and information technology solutions. .

· Creates and maintains staffing plans. Ensures the team is properly trained and staffed to handle the projected workload, both from an internal staffing and outsourcing standpoint.

· Performs basic line supervision, including hiring, firing, conducting performance reviews, setting performance goals, promotions, salary increases, developing subordinates, and managing performance and discipline.

· Keeps abreast of technology changes and innovations in the information technology field generally, and acts as IT “guru” and resource relative to information technology security issues, trends, tools and solutions.

· Manages or coordinates vendor relationships and contracts for products, services and support

Bring your passion and expertise

  •  3 years of information security leadership experience specific to security engineering/operations.

At REI we offer an enviable work environment that Fortune Magazine has recognized on the "100 Best Places to Work" list since the award's inception – 23 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.

With more than 160 retail locations (and growing), REI offers unique competitive benefits to its more than 15,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.

REI is an Equal Opportunity Employer

ARTICLE 23-A, Section 753

§753. Factors to be considered concerning a previous criminal conviction; presumption.

1. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall consider the following factors:

(a) The public policy of this state, as expressed in this act, to encourage the licensure and employment of persons previously convicted of one or more criminal offenses.

(b) The specific duties and responsibilities necessarily related to the license or employment sought or held by the person.

(c) The bearing, if any, the criminal offense or offenses for which the person was previously convicted will have on his fitness or ability to perform one or more such duties or responsibilities.

(d) The time which has elapsed since the occurrence of the criminal offense or offenses.

(e) The age of the person at the time of occurrence of the criminal offense or offenses.

(f) The seriousness of the offense or offenses.

(g) Any information produced by the person, or produced on his behalf, in regard to his rehabilitation and good conduct.

(h) The legitimate interest of the public agency or private employer in protecting property, and the safety and welfare of specific individuals or the general public.

2. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall also give consideration to a certificate of relief from disabilities or a certificate of good conduct issued to the applicant, which certificate shall create a presumption of rehabilitation in regard to the offense or offenses specified therein.