Requisition Number: SS-12702
Area of Interest: Information Technology
Brand/Division: Shared Services
Position Type: Full-time
Information Security Compliance supports the sustained compliance of the company with requirements for the protection of its systems and information assets. The scope of work extends across the corporate environment and its consumer delivery channels and it addresses legal requirements and industry standards such as PCIDSS, COBIT, ISO, HIPAA, and CA1386.
The Information Security Compliance Specialist plays a key role in this activity. The Specialist provides security decision support through improved reporting dashboards, key control testing automation, and tuning security analytics tools. The Specialist is also responsible for ongoing maintenance of GRC tools and interfaces. The Specialist may identify potential security exceptions, help to resolve business requirements, escalate matters requiring management attention, and oversee timely and effective remediation of security vulnerabilities to protect company information. The Specialist also will be responsible for providing execution support to business units in performing risk assessments, due diligence activities, data management, ongoing oversight, and reporting related to the engagement and management of third parties handling sensitive business information.
* Evaluate security controls and associated testing procedures to identify opportunities to automate ongoing assurance activities
* Develop, document and deliver program features such as security automation, continuous monitoring, and intelligence gathering
* Architecting and developing solutions that will advance internal security monitoring & controls
* Maintain compliance tools and interfaces used to communicate, track and report on common controls and their effectiveness
* Provide security consultancy and configuration guidance for cloud solutions
* Deliver regular reporting on third party engagements and associated risks
* Maintain effective relationships with business unit third party coordinators and other stakeholders, to ensure that business needs are satisfied in an efficient and effective manner
* Communicate and promote the sound implementation of policies, standards, and procedures throughout the organization
* Monitor and evaluate external security trends and best practices for policy adoption within WSI
REQUIREMENTS AND QUALIFICATIONS
* BA/BS or equivalent experience
* 5+ years of experience gained in the information security field
* Experience working with and ideally maintaining, developing or implementing security-related tools such as GRC applications, and CASB solutions
* Experience with automation software such as Powershell, AutoIT, and MS-DOS Batch
* Understand information security holistically and how it relates to business goals
* Good written, oral, and interpersonal communications skills with proven ability to champion causes with positive impact and change
* Ability to design, implement, reengineer and manage complex processes.
* Proven people management skills.
* Strong analytical skills
* Knowledge and experience with information security standards and methodologies, including the PCIDSS, ISO 27000 series, COBIT, Sarbanes Oxley, HIPAA, and other relevant industry security standards, and knowledge of risk assessment and risk analysis
* CISSP or similar certification [e.g., GIAC Certified ISO-17799 Specialist (G7799)]
* Experience interfacing with and communicating information on complex privacy and security compliance issues to senior management and business units and external parties
* Experience working within the retail sector
* Experience working with security tools such as QRADAR, UpGuard, Tenable, Panorama/ Palo Alto Network firewalls
Williams-Sonoma, Inc. is an Equal Opportunity Employer.
Williams-Sonoma, Inc. will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance, or other applicable state or local laws and ordinances.
Website : http://www.williams-sonomainc.com
Founded in 1956, Williams-Sonoma, Inc. is the premier specialty retailer of home furnishings in the United States and Canada. Our brands are among the best known and most respected in the industry. We successfully market them through all three major channels — retail stores, catalogs, and the Internet.