The Information Security Lead will be responsible for security monitoring, incident response, engineering, threat and vulnerability management, and identity and access management. The Information Security Lead is responsible for the operation, management, and continuous improvement of the enterprise security program along with partnered security vendor relations.
RESPONSIBILITIES (Specific areas of responsibility include but are not limited to):
Set the vision for PGA enterprise security strategy and execution roadmap.
Partner with PGA Leadership, IT, and Legal to execute the security program roadmap and initiatives.
Build and maintain a world-class Security Team.
Develop, maintain, and enhance Security policies, procedures, and standards as aligned to program framework(s) and regulatory compliance requirements.
Collaborate across the PGA organization and its business partners to address security events, risks, and support requests.
Drive security governance, risk, and compliance across the PGA organization including third-party vendor risk management, secure configuration management, and security awareness.
Provide oversight and technical expertise to support Security Program functions such as Cloud Security, Mobile Device Management, Identity and Access Management, Incident Response, Vulnerability Management, Security Architecture and Engineering, and Cyber Threat Intelligence. Maintain and drive technology and security compliance efforts across PGA.
Embody the organization's shared values and help ensure the organization's values-based culture thrives by proactively identifying and addressing any shared values challenges and opportunities you are experiencing.
Participate in the annual budgeting process and make recommendations for budget requests.
EDUCATION AND EXPERIENCE:
Bachelor’s degree (B.A.) or equivalent program in Information Systems, Computer Science, Cybersecurity, Information Technology, or related field.
7+ years of progressive IT Security experience with 3+ years of enterprise security management experience focused on managing technical and non-technical program functions.
5+ years of experience driving and executing compliance assessments for regulatory compliance and industry frameworks such as CCPA, GDPR, PCI DSS, SOC 2 Type II, CIS, NIST, and MITRE ATT&CK.
Relevant IT security certifications (e.g., CISSP, CISM, CISA, CRISC, GIAC) are preferred.
SKILLS, KNOWLEDGE AND ABILITIES:
Must have knowledge of cloud computing technology (e.g., Azure, Google Cloud, AWS, etc.).
Ability to maintain confidentiality of sensitive information with the highest level of integrity.
Excellent written and verbal communication skills, specifically for policy management.
Knowledge of Google Workspace.
Ability to travel up to 5%.
This position is not eligible for immigration sponsorship.
Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions of this position.
PGA does not discriminate on the basis of race, color, creed, religion, gender, age, disability, sexual orientation, national origin, citizenship, veteran status, gender identity or expression, marital or familial status, genetic information or any other characteristic protected by federal, state or local law. In addition, to ensure full equality of opportunity in all operations and activities of the organization, every staff member employed by the PGA shall be selected under fair employment procedures that provide equal employment opportunities to all people. DFWP.