Key skills
Cloud
About this role
Role Overview
- Define, measure, and align all Ferguson entities with NIST CSF framework
- Create/publish Information Security Policy & Guiding Standards
- Coordinate security training/awareness and oversee Policy enforcement
- Perform annual NIST CSF risk assessments
- Identify and prioritize maturity gaps in the Program and partner with Architecture, Security Delivery, and Security Operations
- Own and maintain the Enterprise Information Security Policy and related processes
- Manage all aspects of global Security Awareness Program
- Provide ongoing metrics and reporting for security resource consumption
Requirements
- 7-10+ years in Information Security management role
- Bachelor's or master's degree in computer science, information systems, business administration or related field, or equivalent work experience
- Critical technical and management-focused IT security certifications (e.g., CISSP, CISM, or equivalent)
- Detailed understanding of NIST CSF, ISO 27001, IT governance framework (COBIT), Sarbanes Oxley, COSO framework
- Experience with evaluating security and controls on on-premises and cloud-based technologies
- Solid ability to understand, assess and prioritize risks across IT components (application, operating system, and database)
Tech Stack
- Cloud
Benefits
- health insurance
- dental
- vision
- paid time off
- life insurance
- 401(k) with company match
- mental health coverage
- gender affirming and family building benefits
- paid parental leave
- associate discounts
- community involvement opportunities