Principal Team Leader, Cybersecurity Consulting

Overview

Come lead our vital team of cybersecurity advisors as we help colleagues across the company learn and follow cybersecurity best practices to defend Chick-fil-A systems and people against cybercriminals. As part of Cybersecurity Consulting within the Digital Transformation and Technology (DTT) department's Cybersecurity team, you will coach, mentor, and lead those who provide cybersecurity leadership and consultation to technical and non-technical colleagues across Chick-fil-A. You will also navigate complex issues related to multiple interrelated platforms and relationships at all levels of management. In this role, you will use your leadership, technical, and cybersecurity experience to establish and guide consulting strategy, support incident response, and influence leaders across the organization. You will also guide your team in establishing effective security practices across multiple business areas and remediating security gaps in existing systems, especially in mobile and cloud environments. Your scope of work will be broad, encompassing cybersecurity awareness, information systems security management, project advisory services, third party risk management, policy formation, enterprise risk, security operations, and vulnerability management. You will exercise significant influence on security day-to-day and strategically across all business areas of the company.

Our Flexible Future model offers a healthy mix of working in person and virtually, strengthening key elements of the Chick-fil-A culture by fostering collaboration and community.

Responsibilities

• Develop and implement a cybersecurity consulting strategy to support company-wide and departmental business initiatives while serving as a senior advisor in support of the Cybersecurity Director.
• Build influential relationships with key leaders across Chick-fil-A.
• Guide your team in creating and improving security policies, standards, and requirements based on changes in the industry, technology, and the business.
• Promote the growth of a healthy, proactive, risk-based cybersecurity mindset across the organization.
• Serve as senior consultant to contribute experienced coaching and escalation response for issues in project consulting, policy interpretation, and vulnerability remediation.
• Guide a cybersecurity remediation program for vulnerabilities and misconfigurations, proactively monitoring overall process performance and effectiveness.
• Collaborate with the Cybersecurity Engineering team to develop new remediation strategies and tactics.
• Maintain the Cybersecurity Risk Register, ensuring that it remains accurate, up-to-date and that risk owners are engaged in risk acceptance and/or remediation efforts.
• Partner with Cybersecurity Leadership to respond to emerging cybersecurity threats.
• Represent cybersecurity positions as part of governance responsibilities within the Digital Delivery Process and identify new projects that deserve prioritized cybersecurity involvement.
• Regularly evaluate operating environment dynamics to address gaps in cybersecurity consulting capabilities, tools, and processes.
• Oversee and grow team capabilities related to cybersecurity metrics and reporting to stakeholders.
• Ensure the effective and timely execution of annually recurring responsibilities such as PCI attestation of compliance, insurance renewal, and others.
• Promote collaboration, information sharing, and effective relationships.
• Coach, mentor, and provide project and career guidance to the team.
• Communicate accomplishments, issues, and needs effectively to leadership.
• Allocate financial and people resources effectively to achieve maximum effectiveness.

• Comprehensive understanding of cybersecurity best practices
• Comprehensive understanding of risk management practices
• Understanding of cloud platforms and common security services
• Understanding of network security principles

• Strategy development
• Technical leadership
• People leadership
• Clear communication
• Problem-solving
• Risk analysis
• Influencing change
• Mentoring
• Strong decision-making skills.

• Strong leadership skills grounded in empathy and respect for others.
• Skilled communicator who varies approach based on environment, personalities, and audience's technical knowledge.
• Effectively manages vendor relationships.
• Ability to analyze security threats
• Strong and proactive sense of responsibility

• 6+ years of experience
• Bachelor's degree in Cybersecurity, Computer Science, Management Information Systems, Information Technology, or a related technical field of study
• Prior experience managing responsibilities similar to this role

• 8+ years of experience
• Experience managing security awareness programs at an enterprise level.
• Cybersecurity certification(s): CASP+, CISSP, CEH, OSCP, CISM, CISA, or similar.
• Advanced specializations in Cloud Security, Penetration Testing, Incident Response, or similar.