Portfolio Information Security Officer

Information Security, SME, Strategy, Risk, Governance, Business Liaison, Enterprise Security, Infrastructure
Full Time, perm
Market
Work from home not available Travel not required

Job Description

The Information Technology Department has an opening for a Portfolio Information Security Officer (PISO) within the Information Security team. This position is located in Pleasanton, California.






Position Purpose



The Portfolio Information Security Officer (PISO) functions as the security leader within their area of responsibility. The PISO serves as the trusted advisor, both to the Portfolio owner and to the CISO. This role will have dual reporting structure, a dotted line to the Portfolio Executive and one reporting to the Chief Information Security Officer and is responsible for establishing and driving a Portfolio specific Information Security program aligned with the Portfolio's risks and the Albertsons Information Security Program (AISP). This role will liaise between the Portfolio owner and Albertsons Information Security team, keeping clear lines of communication including but not limited to; transparency to the Portfolio management team on upcoming security initiatives, reporting of potential security risks to the CISO and appropriate stakeholders. In addition, this role will ensure the Portfolio is in compliance with the Information Security Policy and Standards while continuously monitoring and reporting on risks and documented exceptions.






Key Responsibilities include, but are not limited to:



Establish a documented Information Security Program and supporting strategy for the Portfolio:




  • Ensure program is aligned with the Albertsons Information Security Program, Policies, and Standards

  • Ensure inclusion of all applicable regulatory, legal and contractual obligations

  • Leverage the Enterprise and Portfolio specific Information Security Risk Assessments to establish and monitor the program

  • Update the program annually



Areas of Responsibility (AOR):




  • Information Security Risk Management

  • Policy Compliance

  • Access Management

  • Data Protection

  • Education and Awareness

  • Identify regulatory changes that may affect Portfolio and AISP



Partnership:




  • Provide input into the Albertsons Information Security Program

  • Review and provide input into the Information Security Policy and Standards

  • Ensure clear lines of communication between the Portfolio and the Chief Information Security Officer

  • Provide reporting on the state and efficacy of security controls for their projects and platforms

  • Securing ongoing security funding for special/complex projects, and evangelizing security awareness across the Portfolio



Key Success Criteria:




  • Support the Business Unit and CISO in seeking cost optimizing and driving a reduction in operations costs of managing the security controls.

  • Increased levels of security across designated Business Unit.

  • Improved compliance with security standards and policies across Business Unit teams.

  • Greater awareness of information security and data privacy requirements (globally); and

  • Drive adoption of global security program standards throughout the product and core business platform teams.






Qualifications:




  • Bachelor's Degree or equivalent experience

  • 8+ years or more year of experience in audit or information security related role.

  • 2+ years of retail business experience preferred.

  • Information security professional certification desired (CISSP, CISM, CISA etc.)

  • Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security

  • Project management experience highly desired

  • Ability to interpret and apply policies and regulations across a large, complex business

  • Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker

  • Excellent communication and Interpersonal skills with the ability to effectively present technical information and tailor responses to customer understanding.

  • Demonstrated ability to work independently and be a strong collaborative partner in a matrixed organization.

  • Strong sense of urgency, business ethics, dependability and follow through.

  • Advanced skills with MS-Windows and other related PC applications






How to Apply: Interested candidates are encouraged to submit a resume by visiting careersatsafeway.com






Diversity is fundamental at Albertsons-Safeway. We foster an inclusive working environment where the different strengths and perspectives of each employee is both recognized and valued. We believe that building successful relationships with our customers and our communities is only possible through the diversity of our people. A diverse workforce leads to better teamwork and creative thinking, as well as mutual understanding and respect.






The Albertsons-Safeway policy is to provide employment, training, compensation, promotion and other conditions of employment without regard to race, color, religion, sexual orientation, gender identity, national origin, sex, age, disability, veteran status, medical condition, marital status or any other legally protected status.






We support a drug-free workplace -- all applicants offered a position are required to pass a pre-employment drug test before they are hired.






AN EQUAL OPPORTUNITY EMPLOYER




Dice Id : SAFEWAY
Position Id : ITEC753488
Originally Posted : 9 months ago
Have a Job? Post it