Manager, IT Security
Posted on Nov 11, 2018 by Pga Tour Superstore
At PGA TOUR Superstore, we're always looking for enthusiastic, self-motivated, flexible individuals who will share a passion for helping transform our business. As one of the fastest growing specialty retailers, we're dedicated to hiring selfless team players from different backgrounds to influence the growth of our organization. Part of the Arthur M. Blank Family of Businesses, PGA TOUR Superstore continuously strives to create a family culture for our Associates - driven by our vision to inspire people through golf and tennis.
The primary function of this position is to establish, administer and manage an information security program, cyber security systems, policies and procedures and advise senior management regarding risks to PGA TOUR Superstore due to implementation of technology used to operate the business. Given the nature of our lean team, we're looking for someone who can design and manage the program and is not afraid to roll up their sleeves and get to work. Advanced problem diagnosis and resolution required with a sharp focus on enterprise security analysis. This role responds to computer security breaches, virus and malware infections, and cyber-security threats as well as implements company's Information Security Management System security controls to protect enterprise data and network infrastructure.
- Meet physical and sensory requirements stated below, and be able to work in the described environment.
- Identify and participate in process improvement initiatives that improve the customer experience, enhance work flow, and/or improve the work environment.
- Act as the primary security engineer to manage designated security platforms and services that protect the PGA TOUR Superstore environment, including firewalls, WAF, authentication services, network access control, and end point security solutions and other assigned technologies.
- Perform or manage penetration testing, vulnerability assessments, and security architecture reviews to help identify external threats and recommend methods for remediation.
- Collaborate with various IT and projects teams to provide technical and tactical (\"hands-on\") support within security-related areas to accommodate SLAs and deadlines.
- Assist with reviews of company projects and provide input on potential risks, threats, and appropriate solutions to meet information security requirements.
- Support the Change / Release Management processes through adequate vetting and testing of system changes and ensuring adequate documentation.
- Manage the following security systems:
- Internet Intrusion Detection and Protection systems
- WAN Endpoint security and firewalls and proxies
- Internet Content filtering
- Log Monitoring systems for services and computers
- Internet content filtering, anti-virus and malware applications
- Email spam, virus and malware detection applications
- Log monitoring systems for servers and computers
- Desktop policy enforcement
- Active Directory policy governance
- Security Incident and Event Management
- Vulnerability Management & Reporting
- Participates in maintaining company compliance with applicable federal and state laws and industry requirements, including, but not limited to, PCI
- Responsible for managing network security breaches, providing containment solutions, communications to management, and developing stop-gap methodologies across the enterprise.
- Responsible for antivirus, patch management for IT Security Systems, application deployment, solution evaluation and proof-of-concepts (POCs).
- Work with all members of the IT team to maintain and update all IT controls, standard procedures, policies and enforcement of processes to enable compliance with regulatory requirements.
- Review all IT internal procedures to ensure compliance under HITECH and HIPAA policies (existing IT controls) and report findings to IT Leadership team.
- Other special projects and duties, as assigned.
Qualifications and Skills Required:
- Strong understanding of security zones, DMZs, VLANs, network segmentation , etc
- Strong understanding of LAN/WAN/ Cloud Hosting Networks
- Experience with network security controls in PCI
- Experience with Meraki, Fortinet, VMWare preferred
- Understanding of Identity Management using Active Directory, SAML, ADFS,
- Must be motivated, disciplined and a self-starter
- Education: Bachelor's degree in related IT field required and equivalent related work experience.
- Experience: 10 years of relevant experience
Working conditions and physical demands:
- Must be able to stand and/or sit for extended periods of time as the job is completed primarily at a desk each day. Variable desk heights are offered so alternatively sitting and/or standing at the desk is optional.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
PGA TOUR Superstores is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.
We comply with all laws that prohibit discrimination based on race, color, religion, sex/gender, age (40 and over), national origin, ancestry, citizenship status, physical or mental disability, veteran status, marital status, genetic information, and any other legally protected status. Employment discrimination isn't just unlawful, it violates our policies and is not who we are. Every associate at every level in the organization is prohibited from engaging in any form of discrimination.
An associate who believes s/he is being discriminated against should report it immediately to the Human Resources department. The law and our policies prohibit retaliation against anyone for making such a report.
MLB Advanced Media
National Football League