Director - Security Governance and ComplianceJob ID 190438
Equal Opportunity Employer
The Information Technology (I.T.) division of Enterprise Holdings builds and implements powerful solutions that help to drive and support the global operations of our brands and businesses, including Alamo Rent A Car, Enterprise Rent-A-Car and National Car Rental. With 9,000 branch locations across the world and more than 93,000 employees, Enterprise Holdings and its affiliates own and operate almost 1.7 million cars and trucks.
Here, you will be part of a team that creates and delivers leading-edge technologies and expansive systems that impact every aspect of our growing businesses. We provide the resources to enable and develop our more than 2,000 innovative I.T. professionals in a variety of career paths. This is where it all starts. All systems GO!
The Information Technology division of Enterprise Holdings, Inc. (EHI) enables solutions that help drive and support the global operations of its brands and businesses, including Alamo Rent A Car, Enterprise Rent-A-Car and National Car Rental. EHI takes security as a practice very seriously and confirms this as a priority for every person engaged in its business. The IT Security team is constantly aligning to the new ways customers use technology via such means as mobile, global, in-car, and Cloud, and proactively protect against new and different risks every day.
We currently have an exciting opportunity for a Director of Security Governance & Compliance that will report directly to our Vice President, Information Security Officer. This role will have oversight of our Global Security Governance and Compliance functions, and is an ideal opportunity for a dynamic, high performing and transformational leader to grow and develop. The purpose of this critical leadership position is to mature, expand and optimize our security governance capabilities while positioning the organization to be agile and ready to respond to the ever changing security environment.
The successful candidate will be an integrator of people, processes and technology, a visionary thought leader, a problem solver, and will have a deep background in Information Security concepts, with a specific focus on Security Governance & Compliance topics including: unified control frameworks, internal policy compliance, external regulatory compliance (PCI, HIPAA, GLB, etc), vendor IT risk management, customer sourced security assessments, and risk management. You will be responsible for fostering a highly creative, collaborative, innovative, solutions-oriented approach to enhance the partnership and service orientation standards embodied within EHI.
- Driving strategy of maturing our Governance and Compliance efforts to achieve an exceptional level of Risk Management.
- Lifecycle ownership of our internal security policies including compliance assurance.
- Managing 3rd party related IT risk including security assessments, risk assessments and definition of contractual requirements.
- Responding to customer sourced security requests.
- Ownership of our formal Security Governance process which aligns and prioritizes security initiatives.
- In partnership with Business Management and Service Owners, drive consistent and measurable risk identification and management process for decision making by senior leadership.
- Develop and manage multiple teams through full employment cycle including performance management, and career development; build an effective leadership bench/ lead others in doing the same.
- Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
- Must be committed to incorporating security into all decisions and daily job responsibilities
- 10+ years of Information Security experience
- 5+ years Security Governance & Compliance experience
- Demonstrated success leading large technical teams; with at least five (5) years’ experience leading other technical and people leaders
- 7+ years’ experience successfully leading and developing individual contributors, inclusive of career development, performance management, and hiring/firing.
- Strategic decision-making skills with a high degree of latitude
- Proven success creating, implementing, and executing transformational strategy
- Executive-level written and verbal communication skills as well as interpersonal and collaborative skills
- Must have the ability to position oneself effectively as a thought leader in the area of Information Security (internally and externally) by communicating concepts with poise
- Must act calmly and competently in high pressure and high stress situations to technical and non-technical audiences
- Must possess an executive presence and demonstrate an ability to interact and navigate executive level conversations and presentations with comfort and ease
- Thorough and up-to-date understanding of technological trends and developments in the area of service management and technology business management
- Proven ability to implement creative and innovative approaches to large, complex programs and business problems
- Past success navigating ambiguous scenarios with limited information or direction
- Proven success in leveraging cross-functional resources across departments and groups – or – proven success gaining buy-in from decisions makers and stakeholders across IT and the business
- An MBA or graduate level degree in the information technology field is strongly preferred, or comparable experience
- CISSP or CISM strongly preferred