Join our team and experience ITS Logistics!

It’s fun to work in a company where people truly believe in what they’re doing. At ITS, we’re committed to bringing passion and customer focus to the business of logistics. We work hard, and we’re serious about what we do. But we like to have a good time, too. In fact, we run our company with that principle in mind every day!

At ITS, customer satisfaction is our top priority. We maintain a strong focus on investing for the future and have a record of utilizing our resources to provide our customers with an industry-leading service.

Information technology is a core enabler in delivering these quality services, and ITS continues to invest in transforming its applications and infrastructure to support business growth and differentiation. An increasing percent of IT spending is now allocated to innovation and transformation initiatives with the goal to rapidly leverage the following significant technology shifts for maximum business gain:

• Cloud services and elastic infrastructure to aid business agility, scalability, and resiliency.
• Data analytics to inform decision-making, drive business outcomes, and uncover new opportunities with data-driven insights.
• AI and automation to improve efficiency and to speed up business processes and results.
• Digital apps to reinvent the workplace to boost employee productivity, agility, and digital dexterity through an engaging and intuitive work environment (employee experience).

Position Overview
The Senior Manager of Information Security will have company-wide responsibility to provide security leadership in supporting ITS Logistics’ IT infrastructure and applications. The individual will be accountable for building and leading a corporate information security program to execute and deliver the following capabilities: IT systems security assessments, risk assessment and analysis, remediation prioritization, security operations, security policy development, security awareness training, security audits, certification, and compliance management. This role will also help influence and drive the overall enterprise information security strategy.

The individual will align the security operations of the company with industry benchmarks and best practices and implement capabilities that materially improve the information security posture of the company. The individual will be well-versed in security architecture and controls, familiar with current and emerging threats, able to develop appropriate risk mitigation plans, and proficient at working with internal business units and vendors to resolve risk issues. This is a hands-on position that requires practical experience in the areas of information security, privacy, risk management, and compliance.

Achieving this expected level of performance will require the candidate to have advanced skills in planning and managing multiple simultaneous projects and collaborating successfully with peers and others in the company.

ITS offers a competitive compensation and benefits package. In addition, we believe in fostering an environment where career development and enhancement is paramount to the company’s success. If you are an extraordinary person, passionate about innovation, energized by challenging opportunities, and looking for an opportunity to transform the IT infrastructure for a fast-growing logistics company, this is the right job for you!

Position Requirements

Bachelor’s degree from a four-year college or university; In-depth experience with security, audit and compliance frameworks such as ISO 27000 series, NIST CSF, SSAE16, etc.; CISSP, CISM preferred; Other IT Security related certifications a plus.

To be considered for this position, the successful candidate will have a strong background in information security, have experience in a similar management role in a multi- billion-dollar global corporation and possess evidence of distinguished performance in leading enterprise-wide security initiatives.

• Required Skills – The individual must be self-motivated, able to communicate effectively with all levels throughout the company. Must have a strong ability to manage a team of technical staff members who specialize in information security. Must be willing to work flexible hours when required to accomplish tasks during non-business hours.

Other special skills:

Documented experience in managing an enterprise-wide security function.

1. Demonstrated experience in the development and management of a comprehensive security program that balances risks and the needs and goals of the business units.
2. Working knowledge of common operating systems (Windows, Linux), Server virtualization using VMware products, networking equipment (Cisco, Fortinet), and network security architectures (DMZ, VLAN, IPSec, VPN, etc.).
3. Network technologies and products including Cisco routers, Cisco switches, SD-WAN, TCP/IP, SMTP, SNMP, and 802.11x wireless communications.
4. Technical knowledge in system and network security, authentication and security protocols, and application security.
5. Strong understanding of vulnerabilities and weaknesses in web applications and office productivity tools such as in Microsoft 365
6. Deep experience with Security tools including Fortinet firewalls, Crowdstrike, Microsoft Defender 365, SIEM tools, DLP, etc.
7. Building and operating secure and standardized/normalized, automated, and self-service cloud platforms for engineering teams, Infrastructure as Code (IaC), and DevSecOps. Experience in Azure is highly desirable.
8. Experience managing external auditors on security and compliance initiatives.
9. Experience in security issues related to mobile security, social media, and unified communications and collaboration.
10. Experience with (either as a customer or auditor) in vulnerability testing and security auditing, and regulatory compliance audits such as PCI, SOX, etc.
11. Demonstrated success working with internal audit, external auditors, outside consultants, and the legal department in a lead capacity.

• Quality – Demonstrates accuracy and thoroughness in resultant work products; looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality. Expected to be diligent with figures and demonstrate accuracy and thoroughness in resultant work products, especially with costs, contracts, project plans, and reports.