Senior Director Information Security
The USA TODAY Network, part of the Gannett Co. Inc. (GCI), is a next-generation media company that empowers communities to connect, act, and thrive. Headquartered in McLean, VA we have unparalleled local-to-national reach, successfully connecting consumers, communities and businesses. The iconic USA TODAY brand is comprised of 107 strong local media organizations in 33 states and Guam with more than 160 local news brands online and in the U.K. We provide rich content through hundreds of outstanding affiliated digital, mobile and print products. Gannett brands include The USA TODAY NETWORK, ReachLocal, SweetIQ, Grateful Ventures and U.K. media company Newsquest. Our goal is to re-imagine our traditional media roots. This is achieved by creating innovative products and services that leverage our role as an information provider and reach our customers whenever and wherever.
We seek an influential, collaborative, leader to join our team as the Senior Director, Information Security inside our Enterprise Computing and Risk Management team within the Gannett Technology organization. Reporting to the Vice President of Enterprise Computing and Risk Management the Senior Director, Information Security will serve as a central point of strategic planning, coordination, and execution of cyber and information security activities across the company. This role will directly manage our security teams focused on architecture & engineering, governance & compliance, and incident response.
The Senior Director, Information Security will work across multiple divisions to bring a holistic approach to the company's information security initiatives as cybersecurity has evolved beyond what we once knew as traditional "IT security." The focus of this role is to further broaden a cyber security awareness culture by creating and further enhancing engagement awareness programs. Key collaboration will reach throughout the company including working with senior leadership across Finance, HR, Legal, the newsrooms, as well digital Product Management and print publishing services.
The right candidate will have previous hands-on experience with complex Information Security solutions and business applications, communicate clearly, and juggle multiple priorities in a fast-paced environment. This role supports and provides critical analyses and insights to help drive business decisions in a dynamic and fluid organization. This role focuses on staying abreast of the latest technology and industry developments around cybersecurity, is the primary liaison to peers, partners, and law enforcement as it relates to security activities and incident response.
- Manage company-wide information security governance processes.
- Establish recurring and long-range security and compliance goals and KPIs.
- Define metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
- Recruit and retain high-performing cybersecurity talent. Mentor and directly manage the team towards its core mission.
- Participate and contribute to internal and external audits relevant to information security and compliance. This includes the responsibility of managing the compliance that currently includes SOX and PCI.
- Create education and awareness programs and advise teams at all levels on security issues, best practices, and vulnerabilities.
- Keep abreast of security incidents and act as primary control point during significant information security incidents.
- Further enhance an incident response program and protocol. Convene a Security Response Counsel (SRC) as needed in addressing and investigating security incidences that arise as well as review changes that have the opportunity to introduce greater risk to the organization.
- Perform special projects and other duties as assigned.
- BS or MS in an Information Technology related field, or equivalent relevant experience.
- 12 years of professional experience in technical environments, with at least 4 of those years focused on cybersecurity and at least 5 years of management experience.
- Experience in large national or international companies with a geographically dispersed workforce.
- Experience in digital media and/or internet driven businesses.
- Deep knowledge of regulatory/compliance requirements.An active and engaging thought leader who can plan, manage and execute on deliverables. Graceful and controlled under pressure.
- Experience leading teams and leading projects with the highest level of integrity and management of confidential information.
- A collaborative team player - concerned with the team's success as well as individual performance.
- Curious and energetic. Avid student of changing industry requirements and the technologies that drive results.
- Ability to manage multiple priorities and meet deadlines in a fast-paced environment with attention to detail to ensure highest level of quality in reports and analysis.
- Excellent problem solving, critical thinking, and analytical abilities. High tolerance for ambiguity and complexity, and efficient with limited resources. Intellectual curiosity and passion to drive results. Enthusiastic advocate of security.
- Strong Knowledge of following technologies and standards:
- Identity Management
- LAN/WAN Network security, VPNs and firewalls
- Endpoint protection, device and mobile security
- Cloud security & Data encryption
- Intrusion Detection and Prevention
- ISO, ANSI, and NIST standards around cybersecurity
- ISO / IEC 27002, ISACA and COBIT
- State and Federal laws governing public companies as related to Information Security
- PII, PCI, SOX and privacy standards
- Special topics relevant to the media industry, such as malvertisement, denial of service, fake news, social media - account high-jacking/impersonation, and bot traffic.
We offer an energized, passionate team within a fun & flexible workplace. An opportunity to work alongside digital leaders and visionaries. We provide an elite benefits package that includes: PTO & Paid holidays, Medical, Dental, 401k, and other benefits.
USA TODAY Network, part of the Gannett Co. Inc. (GCI), empowers communities to connect, act and thrive. We have unparalleled local-to-national reach, successfully connecting consumers, communities and businesses. The iconic USA TODAY brand is comprised of 100+ strong local media organizations with more than 160 local news brands online and in the U.K. We provide rich content through hundreds of outstanding affiliated digital, mobile and print products. To connect with us, visit www.gannett.com
Gannett Co., Inc. (NYSE: GCI) is a proud equal opportunity employer. We are a drug free, EEO employer committed to a diverse workforce. We will consider all qualified candidates regardless of race, color, national origin, sex, age, marital status, personal appearance, sexual orientation, gender identity, family responsibilities, disability, education, political affiliation or veteran status.
Meet Some of USA TODAY NETWORK's Employees
Steven serves as a point person of contact with businesses in local markets. He works with partner organizations to determine how USA TODAY can help them be successful.
Back to top