Jobs · Information Technology · Oklahoma

Cyber Security Program Manager

QuikTrip · Tulsa, OK · 2 wk ago
Information Technology$146k–$183k/yrFull-time

About the role

The Cyber Security Program Manager is responsible for leading and operationalizing QuikTrip’s Enterprise Cyber Security Program, including the development, implementation, and continuous improvement of security strategy, practices, and standards across the corporation and its subsidiaries.

Responsibilities

  • Assist in developing and overseeing QuikTrip’s Enterprise Cyber Security Strategy, practices, and programs. Assist in planning and implementing security for all computing hardware and software systems. (60%)
    • Assist and advise user departments in appropriate security procedures.
    • Protect the corporate computing infrastructure from unauthorized access.
    • Protect the company network from attacks.
    • Protect the confidentiality of company data and employee information.
    • Oversee the development and maintenance of Information Technology security and compliance standards.
    • Set policy on introduction of third-party software to the network, implement end point protection software, and monitor compliance.
  • Assist in the maintenance, development, and operation of QuikTrip’s Privacy program. (5%)
    • Governance - Ensure policies, standards and procedures are kept up to date, monitor adherence to program, establish and maintain Privacy Committee involving business leaders from across the enterprise.
    • Ensure Privacy Impact Assessments are continually run across projects or efforts around privacy, continual development of processes related to PIA’s, and perform regular compliance assessments to validate policies are affecting and being adhered to.
    • Ensure Continuous Compliance Monitoring across the enterprise to make sure the Privacy program is operating effectively. This will include audits of process, third party, controls, reporting, and incident response measures.
    • Ensure the creation of a Personal Data Inventory, including usage, processing activities, data retention, and anonymization.
    • Ensure Awareness, Training, and other communications related to the Privacy program are in place and effective.
  • Liaise and communicate effectively with external entities, such as supervisory and regulatory authorities. Ensure Cyber Security program follows relevant industry and governmental standards, including but not limited to the Payment Card Industry Data Security Standard and HIPAA Standard. (10%)
    • Fill the role of HIPAA Security Officer (HSO) by managing information security policies, procedures, and technical systems to maintain the confidentiality, integrity, and availability of healthcare information systems, conducting investigations, and maintaining records.
    • Evaluate new systems for impact.
    • Conduct annual PCI audit and submit result to QuikTrip’s acquirer.
  • Directing the work effort and providing information to internal and external resources as required. (10%)
    • Conduct an annual risk assessment of QuikTrip’s systems, evaluating risk of loss versus operating cost. Present results to Senior Management for review and acceptance.
    • Develop and produce metrics on IT Security for Board of Directors, IT Leadership, and general QT employees.
    • On request of management, present reports concerning security-related activity of specific employees or vendors.
    • Interface with QT internal auditors, financial auditors, PCI auditors, and any other external auditors as required. Provide any requested information and arrange meetings with QT personnel. Provide responses and compensating controls to audit comments.
  • Provide security support to IT department and the Company at large. (5%)
    • Lead troubleshooting efforts to resolve security issues and problems for QT systems.
    • Work with technology groups to provide general security direction, guidelines, and controls.
  • Ensure the technical design of all major systems have the appropriate levels of technology security as well as making sure all new systems adhere to QuikTrip security standards. Conduct risk assessments of new technology and custom applications. (5%)
    • Contribute to IT Strategic Planning and budgeting process, as well as day-to-day security planning, by analyzing future security needs, make recommendations on computer hardware, software, and processes.

Qualifications

  • Required education: Bachelor’s Degree, preferably in MIS or Computer Science or equivalent work experience.
  • Required experience: Extensive experience in cybersecurity program management and operations. 8+ years of cybersecurity practices and technologies spanning risk management, governance, architecture, cloud security, threat detection, incident response, and vulnerability management. Intimately familiar with cyber security frameworks like NIST and CIS.

Skills

  • Solid grasp of the issues associated with standards, compliance, security, and disaster recovery including the costs, benefits, and risks to the company.
  • Strong oral and written communications skills.
  • Project leadership skills.

Pay

$146,000-$182,520

Similar jobs

Cyber Security Program Manager

eClerxNew York, NY· 6 days ago
Information Technology$150k–$165k/yrapply on fa-ewji-saasfaprod1.fa.ocs.oraclecloud.com

Cyber Program Manager

IntelliGenesis LLC®Columbia, MD· 3 wk ago
Information Technology$165k–$195k/yrapply on intelligenesis.applytojob.com

Cyber Program Manager

Capital OneRichmond, VA· 5 days ago
Information Technology$152k–$173k/yrapply on dsp.prng.co

Cyber Program Manager

Capital OneMcLean, VA· 5 days ago
Information Technology$152k–$173k/yrapply on dsp.prng.co