The Donna Karan Company LLC

Security and Compliance Associate

ID
2017-6855
US-NY-New York

Overview

 

G-III Apparel Group, the world's premier designer and manufacturer of quality leather outerwear, dresses, women's suits and sportswear with a comprehensive portfolio of over 30 licensed and wholly-owned brands, including Calvin Klein, Donna Karan, Kenneth Cole, Cole Haan, Guess?, Tommy Hilfiger, Karl Lagerfeld, Levi’s, Dockers, Jessica Simpson, Vince Camuto, Ellen Tracy, Kensie, Ivanka Trump, and G.H. Bass, among others, seeks a Security and Compliance Lead to join its team based in New York City.

 

 

The position is responsible for overseeig the GIII cyber security and compliance program. Position requires working with a wide range of resources to ensure that all internal and external facing end-points are properly secured and monitored, all governing IT policies and procedures are updated/vetted and implemented. The position requires a constant vigilance of any and all changes being executied by IT within the GIII domain and ensuring that proper security and compliance protocols are implemented and managed.

Responsibilities

  • Establish and maintain Security and Compliance Program - Covering all GIII entities
    • Prepare and manage Enterprise-wide risk assessment for use in formulation and mapping against future security enhancements and identifying priority risks.
    • Manage, develop and implement the IT Security policies, standards and guidelines.
    • Work with Internal and External Audit to ensure full understanding of the GIII on-going initiatives as related to the IT Security profile.
    • Understand potential threats, vulnerabilities and manage remediation efforts in resolving.
    • Prepare, plan and budget to support a multi-year Security hardening strategy - constantly evolving to ensure optimal profile is implemented at GIII.
  • Serve as an adviser to management in the development, implementation and maintenance of IT Security profile.
  • Primary lead role on investigating Security breaches or incidence.
  • Ensure all GIII systems - networks, infrastructure, applications are secured against external and internal attacks at all times:
    • Security Policy templates are implemented (inc. AV, Malware, ESE, backups, redundancy, etc.)
  • Lead role in managing 3rd party Pen-Test exercises and remediation planning.
  • Documentation of department SDLC processes and best practices.
  • Responsible to review, prepare and oversee implementation of System Policies related to end-point posturing - ensuring that proper policies are in place with ISE in preventing rogue devices from entering GIII networks.
  • Participate in special assignments and projects as requested by management.

Qualifications

  • Industry recognized certifications. Network certification is a plus
    • CCNA, CCNP, CISSP, CISM, ISC
  • 2+ years' experience in a similar support position
  • Excellent communication skills - verbal and written
    • Ability to prepare functional and technical presentations
  • This individual must be able to work in a team environment and make positive contributions to the organization
  • Assist in improving/enhancing internal team knowledge within the supported area of expertise.
  • Strong analytical and communication skills
  • Must be able to provide support for off-hours activities - including nights, weekends, holidays
  • Should have good interpersonal skill to deal with end user community
  • Must be able to travel (international included)

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed