• Director, IT Security Governance

    Job Locations US-OH-Columbus
    Requisition ID 2018-3087
    Category (Portal Searching)
    Information Technology
  • Overview

    A Brand That's What's Now

    Express is the sexy, sophisticated lifestyle fashion brand for every occasion: work, weekends, or nights on the town.  Our brand is what's new and what's now for young fashion-forward men and women.  We have more than 600 retail and outlet stores throughout the United States and Puerto Rico, as well as franchise stores in Latin America.  We also have a best-in-class online/mobile shopping experience at www.express.com that allows our customers to shop whenever and wherever they like.  


    A Workplace To Match

    We think you'll like it here. 

    We offer a competitive compensation and benefits package, generous associate discount, and casual work environment. Working at Express is much more than the 9 to 5. It is an opportunity to connect and engage with some of the smartest individuals in the fashion business doing work they are passionate about.  This is the Express Life and we’re always looking for talented leaders at all levels to join our team; if this sounds like you, we'd love to chat!


    Assists to develop and execute the Express Information Security Program by managing people, delivering technology and operating process/procedures necessary to protect the confidentiality, integrity and availability of the company’s information and technology assets by minimizing unauthorized use, disruption, modification, corruption, disclosure, loss, and destruction.  Essential Tasks include:

    • Define, lead and execute the Express information security program. Document security policies and procedures
    • Lead regulatory compliance activities in support of corporate, state, federal and international technology mandates
    • Develop and review all system-related security plans throughout the organization’s network, acting as a liaison to IT
    • Lead and execute the Express incident response component of the information security program as well as the threat and vulnerability management component
    • Perform information security risk assessments and serve as an internal auditor for security issues

    Essential Requirements 

    • Bachelor’s degree in Information Systems or equivalent experience
    • MSCE, CISA and CISSP certifications (will consider demonstrated experience operating and administrating networks as a substitute for certification); 5-7 or more years experience in information security including experience within a multi-platform technical environment; previous managerial experience of direct reports and/or project management experience preferred
    • Excellent communication skills.  Demonstrated ability to effectively communicate IT security concepts to all levels of the business and technology organizations.      
    • Experience in PCI Compliance and MFA


    Preferred Requirements 

    • In-depth understanding of information security technologies and process. 
    • Must have the ability to multi-task and execute with minimal supervision from management.
    • Ability to manage security related incidents and mitigate threats impacting network security.
    • Demonstrated knowledge and execution of information security policy practices and procedures. 
    • Experience supporting and interfacing with end-users for technical support resolution.
    • Strong interpersonal skills.
    • Ability to effectively communicate with all levels of the organization and to both technical and non-technical associates.
    • Demonstrated excellent technical writing skills.
    • Willingness to work during non-business hours as needed and be on-call to support the business 7x24.
    • Understanding and previous involvement in state, corporate and federal regulatory compliance initiatives.
    • Continuously and reliably meet the needs of the user community;
    • Set the overall direction and oversee planning and implementation of appropriate security measures for all business information systems.
    • Research and identify security innovation in IT to be blended into current business systems to enhance systems functionality and keep the company secure and competitive.




    As an equal opportunity employer, Express does not discriminate in hiring or terms and conditions of employment on the basis of any federal, state, or locally protected class.  Express only hires individuals authorized for employment in the United States.



    Notification to AgenciesPlease note that Express does not accept unsolicited resumes or calls from third-party recruiters or employment agencies. In the absence of a signed Master Service Agreement and approval from HR to submit resumes for a specific requisition, Express will not consider or approve payment to any third-parties for hires made.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started!