Director of Information Security
Kwik Trip, Inc. · La Crosse, WI · 2 wk ago
On-siteInformation TechnologyFull-time
Key Responsibilities
- Lead and develop the Information Security department, including multiple teams of managers, engineers, analysts, and security professionals
- Define and execute short to mid-term 1 to 3 year cybersecurity strategies aligned with business goals and organizational risk tolerance
- Own the operational delivery of security services, ensuring capabilities are reliable, scalable, and effective
- Establish and maintain enterprise security governance, policies, standards, and procedures
- Lead security operations, incident response, vulnerability management, and threat detection programs
- Drive enterprise identity and access management strategies to protect critical business systems and data
- Oversee governance, risk management, compliance, and audit activities to support regulatory and business requirements
- Partner with technology and business leaders to integrate security into projects, platforms, and operational processes
- Lead security architecture and technology roadmaps that support secure growth and modernization efforts
- Develop and monitor security metrics, reporting, and risk indicators to support executive decision-making
- Foster a security-aware culture through training, education, and stakeholder engagement
- Partner with internal stakeholders, auditors, and external vendors to support security initiatives and compliance obligations
- Ensure security programs balance risk reduction with operational efficiency and business enablement
Qualifications
- Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field
- 6 to 8 years of experience in information security, risk management, cybersecurity operations, or IT leadership
- Proven ability to lead cross-functional teams and deliver enterprise security programs
- Strong understanding of security frameworks, governance, risk management, compliance, and security operations
- Experience managing security technologies such as SIEM, endpoint protection, identity and access management, vulnerability management, and cloud security platforms
- Experience supporting regulatory and compliance initiatives such as PCI DSS, SOX, privacy regulations, or other industry requirements
- Strong communication, leadership, and strategic planning skills
- Ability to translate technical risks into business-focused decisions and recommendations
- Experience leading incident response efforts and driving continuous security improvements
- High level of integrity, confidentiality, and adaptability in a fast-paced environment
Work Schedule
Monday through Friday, daytime hours. Flexibility may be required to meet business needs.
This position is based onsite at our La Crosse Support Campus.