Director, Cybersecurity - Incident Response & Endpoint Security
Country : USA
State : New York
Town : New York
Category : Logistics
Contract type : Permanent
Availability : Full time
Defined by inclusivity rather than exclusivity, Tapestry embraces the exploration of individuality and invests in helping you grow personally and professionally. Every individual in our global house has the opportunity to make an impact, learn and be part of our growing and unique story.
At Tapestry, we have the freedom to express ourselves and run with our best ideas across Coach, Kate Spade New York, and Stuart Weitzman. We share a profound belief in both our individual and collective potential, and know that with hard work and dedication, anything is possible.
The Director, Information Security is a critical member of the InfoSec Team, focused on developing executable cyber strategies that meet the needs of our global businesses and customers. We are looking for a proven business leader who inspires creativity and has strong competency in both setting and executing cyber strategies across all our brands. The individual must be a motivated team player with a positive attitude and solid interpersonal skills, and must immediately take ownership within their area. The individual must be hands-on, work under minimal supervision and have the ability to work in a fast-paced small-team environment.
The candidate will possess 7+ years of progressive information security experience across various information security / information technology risk management domains such as but not limited to: cloud governance frameworks, cloud security architecture, endpoint protection, Intrusion Prevention, E-Discovery, Incident Responses, Data Loss Prevention, Infrastructure Security, Privacy, Threat Management, etc.
- Help establish and maintain an overall cyber resilience framework
- Manage & prioritize new cyber initiatives and projects assigned to your team
- Develop & maintain strategic roadmaps for key initiatives and technologies
- Act as an SME across the entire IT stack as well as diverse IT systems, networking and security components, applications, and operating systems
- Socialize initiatives and project requirements, timing, and scope with all required stakeholders
- Advise and assist in maintaining a healthy security posture of our technology environments
- Apply risk-based decision making to complex problems and consult with relevant subject matter advisors as needed to inform the decision
- Establish and maintain a metrics reporting framework, determine gaps & work with peers to improve data points and coverage
- Familiarity with industry security standards including NIST 800-53, ISO 27001 and ISO 27018 as well as current data privacy regulations, including GDPR, CCPA, and regional standards
- Act as a Subject Matter Advisor to the organization for cloud leading practices, including cloud networking and security, provisioning, and management of cloud environments
- Develop trusted relationships with peer organizations and stakeholders globally; Partner closely with our company's cloud security, application security, and compliance teams to build a sustainable and continuously compliant cloud ecosystem
- Strong security experience across cloud architecture deployments (i.e. AWS, Azure, GCP, Alicloud), governance, and general cloud security controls, with a primary focus on AWS
- Experience in implementing common principles and practices across cloud platforms and provide compliance against industry specific guidelines
- Solid understanding of network design principles and knowledge of virtualized environments and implementation of security controls in a virtual infrastructure
- Develop and implement cloud security standards, procedures, and guidelines for multiple platforms and diverse environments
- Create innovative solutions for maintaining compliance and control of our company's hybrid cloud at scale utilizing SOAR-like technologies
Endpoint Protection & Incident Management:
- Building, leading, and supporting teams of security experts who specialize in the prevention, detection, response, and recovery of cyber incidents.
- Investigate network intrusions and other cyber security incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms
- Provide threat intelligence expertise to support the major incident response activities that can occur through insight on threat actors and tradecraft
- Participate in planning, designing, and executing tabletop exercises cross-functionally across Oracle for SaaS security incident planning
- Perform host-based forensic analysis and malware analysis to identify and recover relevant artifacts used to document security incidents and aid in the investigation and incident response process
E-Discovery & Privacy:
- Act as the primary liaison between the InfoSec Team and Legal & Privacy Team
- Demonstrate self-sufficiency in leading digital forensic casework
- Development, management and execution of investigative activities including E-Discovery, Forensics & confidential investigations.
- Provide operational support for privacy related tasks including data subject requests, as well as management of privacy operations tools & processes
- Directly responsible for providing efficient and high-quality e-Discovery support including data collection, culling, processing and delivery
- Performs data collections using Clearwell eDiscovery and other computer forensic tools on a variety of systems including MS Exchange, Endpoint Devices, Network Shares, etc. to support investigations and litigations
- Effectively maintain physical and electronic evidence as per legal 'chain of custody' requirements
- Ensure required and appropriate processes are followed to ensure admissibility in courts of law and other proceedings
- Manage and maintain list of legal/investigative cases and provide on-going status on all activities
- Conduct confidential investigations including employee misconduct, criminal activity, regulatory investigations, etc.
- Meet with attorneys to determine collection requirements and interview custodians to determine sources of potential data.
- Work with a variety of technical and non-technical personnel in a litigation support team environment.
- Minimum 4 years of experience with E-Discovery & Incident Response methodologies
- Minimum 3 years of experience in Cloud Compliance tools & processes
- Professional Certification in E-Discovery or Forensics helpful (ex. EnCE, EnCEP, CCFE, GCFE, CEDS, etc.)
- Industry recognized and vendor specific cloud security certifications (AWS, Azure, GCP), Azure preferred
- Previous experience with using Clearwell E-Discovery, Microsoft Protection Center and other forensic tools is strongly desired
- Excellent written and communication skills and ability to communicate across all levels of an organization
- Strong understanding of technology requirements associated with global privacy laws including GDPR, CCPA, CPRA, China Cybersecurity, etc.
- Strong understanding and experience with DevSecOps & security automation (SOAR)
- Familiarity with Cloud Workload Protection Platforms tools such as Dome9, Prisma Cloud, etc.
- Understanding of MITRE ATT&CK framework
- Experience with Threat Modelling (STRIDE/DREAD/etc.) and experience running security incident tabletop exercises.
- Strong knowledge of EDRM Framework
- Strong understanding of data collection techniques for wider technologies including Server & Desktop Systems, Encryption, Hardware Modules, Cell phones, Tablets and Removable Media
- Good understanding of Operating Systems including Windows, Linux, iOS, Android, etc.
- Scripting language such as PowerShell or Python - a plus
- Basic malware analysis and reverse engineering knowledge - a plus
- Knowledge of global regulatory requirements for electronic discovery & cyber forensics.
- Retail company experience a plus
- Written and verbal skills to clearly and accurately provide analysis results for review by the client/counsel, including preparing affidavits, forensic reports, and giving testimony in depositions and trials
- High energy level, comfortable performing multiple projects in conjunction with day-to-day activities.
- Ability to work under pressure and with multiple stakeholders
- Superior interpersonal abilities. Ability to get along with diverse personalities, tactful, flexible.
- Ability to tactfully and effectively work on confidential matters
- Display initiative and accept responsibility for assigned responsibilities under minimal supervision.
- Possess excellent verbal and written communication skills.
- Highly organized and resourceful to work effectively with internal & external legal teams across different time zones.
- Translates e-Discovery technical requirements into relevant and understandable terms for non-IT personnel
- Service oriented, yet assertive/persuasive.
- Excellent time management and organizational skills
- Self-motivated individual; action oriented; results driven
Our Competencies for All Employees
- Drive for Results: Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results.
- Customer Focus: Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect.
- Creativity: Comes up with a lot of new and unique ideas; easily makes connections among previously unrelated notions; tends to be seen as original and value-added in brainstorming settings.
- Interpersonal Savvy: Relates well to all kinds of people, up, down, and sideways, inside and outside the organization; builds appropriate rapport; builds constructive and effective relationships; uses diplomacy and tact; can defuse even high-tension situations comfortably.
- Learning on the Fly: Learns quickly when facing new problems; a relentless and versatile learner; open to change; analyzes both successes and failures for clues to improvement; experiments and will try anything to find solutions; enjoys the challenge of unfamiliar tasks; quickly grasps the essence and the underlying structure of anything.
- Perseverance: Pursues everything with energy, drive, and a need to finish; seldom gives up before finishing, especially in the face of resistance or setbacks.
- Dealing with Ambiguity: Can effectively cope with change; can shift gears comfortably; can decide and act without having the total picture; isn't upset when things are up in the air; doesn't have to finish things before moving on; can comfortably handle risk and uncertainty.
Our Competencies for All People Managers
- Strategic Agility: Sees ahead clearly; can anticipate future consequences and trends accurately; has broad knowledge and perspective; is future oriented; can articulately paint credible pictures and visions of possibilities and likelihoods; can create competitive and breakthrough strategies and plans.
- Building Effective Teams: Blends people into teams when needed; creates strong morale and spirit in their team; shares wins and successes; fosters open dialogue; lets people finish and be responsible for their work; defines success in terms of the whole team; creates a feeling of belonging in the team.
- Managerial Courage: Doesn't hold back anything that needs to be said; provides current, direct, complete, and "actionable" positive and corrective feedback to others; lets people know where they stand; faces up to people problems on any person or situation (not including direct reports) quickly and directly; is not afraid to take negative action when necessary.