PXG - Information Systems Security Director (Scottsdale, AZ)
Parsons Xtreme Golf (PXG) was founded by American entrepreneur and philanthropist Bob Parsons with the sole intent to design and develop the world’s finest golf clubs – and we believe we have done just that! With no cost or time constraints, PXG is committed to the long process of researching various alloys, exploring new technologies, and identifying the unique properties that make PXG clubs perform unlike anything else. With no set product release cycles, the company takes its time and pours every ounce of innovation into each new club design. PXG offers a full lineup of right and left-handed golf clubs, including drivers, fairway woods, hybrids, irons, wedges, and putters, as well as a complete line of high-performance, fashion-forward apparel. Ready to join the PXG team?
The Director of Information Security role is critical to ensuring the security program is effective at identifying, detecting, responding, and recovering from a cybersecurity event. The Director ensures that the security team evolves in organization, capability, and equipment in order to keep pace with the threat environment. The Director of Information Security is a leadership role that requires an individual with a strong technical background, as well as an ability to work with the broader technology organization and business management to align priorities and plans with key business objectives. The Director of Security will research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. This position will interact with the technology department and all levels of the organization to assist in making informed decisions to meet business objectives surrounding operational and digital security. This position will report to the Sr. Director of IT.
- Lead the development of Information Security standards and procedures for business units consistent with organization security
- Lead the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and
- communicate information about residual risk
- Lead security projects and provide expert guidance on security matters for other technology projects
- Develop and maintain policies and procedures which enhance security and awareness across the organization in line with business
- Develop and maintain a process that ensures the Security team is involved with architectural implementations and decisions amongst
- the IS and IT teams
- Develop and maintain a waiver process for risks that should be mitigated or addressed later
- Design, coordinate and oversee security testing procedures with the technology group to verify the security of systems, networks, and
- applications, and manage the remediation of identified risks
- Consult with technology and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration
- of hardware, applications, and software
- Evaluates new cybersecurity threats and IT trends and develops effective security controls
- Ensure audit trails, system logs, and other monitoring data sources are reviewed periodically and are in compliance with policies and
- audit requirements
- Perform regular reviews on technology security practices across the organization
- Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
- Perform PCI and CIS audits on a scheduled basis to ensure compliance
- Maintains current knowledge of the industry and regulatory trends and developments for the enterprise technology
- Work with the Senior Director of Information Technology and Vice President of Technology to develop budget projections based on goals
- and objectives.
- Minimum 8 years experience in a Security Operations role
- Minimum 3 years experience in a Security Management or relevant leadership role
- Bachelor’s Degree in information systems or relevant work experience
- Relevant certifications such as CISSP or GIAC GSEC are a plus
- Experience with Datadog is a plus
- Experience auditing and remediating PCI DSS and CIS standards
- Experience with Source Control Management
- Experience with Cloud Frameworks like AWS and or GCP
- Experience with Infrastructure as Code concepts
- Intermediate level Office 365 Management experience
- Planning, development, implementation, and leadership skills
- Knowledge of organizational structure, workflow, and operating procedures
- Ability to perform Self-Audits using industry-standard tools
- Advanced knowledge and understanding of concepts, principles, methods, and techniques within the areas of physical and technological
- Skill in examining and re-engineering operations and procedures, formulating policy, and developing and implementing new strategies
- and procedures
- Ability to develop, plan, and implement short- and long-range goals
- Ability to foster a cooperative work environment within a complex organizational structure
This position works in an office environment. Must be able to sit or stand for long periods of time.
PXG is a drug-free, smoke-free, and fragrance-free work environment.
PXG believes in a diverse environment and is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, religion, creed, national origin or ancestry, ethnicity, sex, sexual orientation, gender (and gender identity or gender nonconformity), age, physical or mental disability, citizenship, past, current or prospective service in the uniformed services, genetic information or any other characteristic protected under applicable laws. PXG will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable laws.
Job Reference #: 1561