Title:  Chief Information Security Officer

Req ID:  1477
Job Category:  IT / Technology
Location:  Doraville, GA, US, 30360

Dream With Us!

 

When you join Serta Simmons Bedding, you become part of our 220-year legacy of sleep solutions with endless opportunities to impact our future for centuries to come.

 

Once you’re here, you’ll be part of a winning company that invests in and supports our team members’ career journeys.  We offer competitive benefits, job training, learning and development, and other employee perks such as our employee discount on all products.

What You'll Do:

 

  • Develop & implement a strategic enterprise information security and IT risk management program to ensure the confidentiality and availability of information owned or processed by the organization while balancing risk tolerance and financial budgets. 
  • Provide guidance to ensure SSB’s products are robustly built to be secure but workable in our customers' environments and across our software-based tools.
  • Oversee the operation and administration of all information security technology platforms, ensuring that technologies are optimally configured and maintained to provide maximum uptime and protection to the organization’s information systems.
  • Provide technical leadership for all information security platforms. Serve as the escalation point for technical issues related to information security platforms. 
  • Develop up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices. 
  • Promote a culture of information security across all business units. 
  • Provide regular reporting on the current status of the information security program to the senior leadership team and the Board of Directors. 
  • Work with the vendor management and the legal office to ensure that information Third Party Risk Management (TPRM) requirements are included in contracts. 
  • Conduct regular technical risk assessments/audits of SSB and its key IT suppliers’ systems and infrastructure. 
  • Work with Enterprise leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for SSB to effectively address state and federal statutory and regulatory requirements.
  • Act as primary control point during significant information security incidents
  • Coordinate the management and improvements around the incident response plans and disaster recovery procedures to ensure that business-critical services are recovered in the event of a security event.

How You'll Do It:

 

  • Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements
  • Stay abreast of information security issues and regulatory changes affecting industry at the state, national and international level, and communicate to key stakeholders on a regular basis about those topics
  • Coordinate and track all information technology and security related audits including scope of audits, business units / functions involved, timelines, auditing support, outcome & remediations

What You'll Bring:

 

  • Minimum of 15 years of experience in a combination of information security, risk management and related IT leadership roles. Ideally 5+ years gained in rapidly growing, fast moving, and changing environments within a retail &/or manufacturing company of $1B+. 
  • Extensive experience with regulatory requirements related to SOX, PCI DSS, CCPA, etc., including implementation and validation through external audits
  • Professional security management certification is highly desired, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials. 
  • Software Development Life Cycle (SDLC) experience
  • Knowledge and experience initiating, implementing &/or maintaining common information security management frameworks, such as ISO/IEC 27001, PCI and SOC 2 Type 2. 
  • Strong knowledge of security implications involving a variety of technologies including but not limited to: Cloud (AWS, Azure, etc.), Endpoint Management, User Identity Management, Ransomware Detection, SAST and DAST. 
  • Experience with incident response and analysis, preferably in a leadership role.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences. 
  • Ability to build relationships and lead through influence, both with internal and external stakeholders and customers. 
  • Design release experience, change management experience & systems experience
  • Bachelor’s degree in Information Technology, Computer Science, Engineering or related field. Master’s degree preferred. 

Serta Simmons Bedding is an Equal Opportunity and Affirmative Action Employer with a Drug-Free Working Environment.  It is committed to not discriminating and treating all qualified applicants equally without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. 


Nearest Major Market: Atlanta