Director Cybersecurity, Information Systems Risk & Compliance

Quincy, MA

Overview:

Provides vision, strategy, and broad-based planning and execution to the security & risk management functions. Leads security initiatives throughout the Company and communicates risks to Senior Management. Manages overall security risk in compliance with applicable frameworks and the changing security landscape. Maintains our security posture and develops key performance measures. Ensures compliance with established security protocols and privacy laws. Provides security and thought leadership to support the development and implementation of IT solutions and help meet the organization’s long-term objectives.

Responsibilities:
  • Develops and updates security policies relating to our Quincy, MA headquarters, Tilton, NH Distribution Center and store locations, utilizing the CIO as a partner. Enforces policies throughout the organization
  • Develops and enforces privacy strategy for compliance with new privacy laws
  • Oversees compliance testing including internal audits and third-party audits
  • Manages operational and capital budgets related to IT security functions
  • Conducts meetings with key leaders to discuss vulnerabilities. Performs ongoing risk assessments and recommends and implements new ideas to further enhance security
  • Works with external vendors to enhance security compliance. Manages strategy to select best vendor for J.Jill’s security needs
  • Reviews results of vulnerability scans as well as internal and external pen tests to determine remediation of high and critical risk items. Oversees work of IT and Manager of Information Security on remediation
  • Ensures proper review of security incidents and logging as well as proper communication.
  • Partners with CIO to manage IT cyber security incidents. Works with IT to maintain availability of all key systems and infrastructure
  • Ensures Information Security & Compliance maintains PCI compliance
  • Reviews third-party relationships to ensure no security concerns or vulnerabilities
  • Provides security consulting to key members of Management team including project leads
  • Keeps up to date on the latest security trends and makes applicable recommendations
  • Demonstrates clear communication throughout the organization. Becomes an effective partner with both IT and business leadership
  • Assists in testing overall environment

Qualifications:
  • Deep knowledge of IT frameworks is required, including NIST and PCI
  • In-depth knowledge of security best practices (design, data protection, networks, encryption, access, threat intelligence, etc.)
  • Experience on the technical side (IT security) as well as business side (internal audit)
  • Ability to manage third party security partners
  • Strong analytical and problem-solving skills, as well as excellent writing skills
  • Excellent communication skills and experience presenting to senior leadership. Ability to communicate to both technical and non-technical associates
  • Demonstrated ability to build partnerships across all levels of the organization including executive management
  • Demonstrated ability to team build, collaborate and partner
  • 10+ years' experience in IT Security and IT Audit
  • 7+ years' experience in overseeing and implementing security, governance and compliance frameworks (e.g. SOX, PCI, ISO27001/2) at public companies, preferably in a retail environment
  • 5+ years' experience overseeing Report on Compliance (ROC) for PCI compliance
  • CISSP plus CISA or CISM required
