About Blackhawk Network

Blackhawk Network (BHN) is the leader in global branded payment technologies. We strengthen relationships between brands and their customers, employees, and partners by transforming transactions into connections. BHN’s portfolio includes: Gift Card & eGift products, promotions and distribution that grow revenue faster; Rewards & Incentives that build loyalty and acquisition and are integrated into today’s leading platforms; and Payments that enable businesses and customers to access and disburse funds in convenient and innovative ways. BHN’s network spans across the globe with over 400,000 consumer touchpoints. Learn more at BHN.com.

Overview

This new role is for a leader to assist Blackhawk Network’s CISO on Blackhawk Network’s strategic initiatives and information security projects. We are seeking a multifaceted leader who can perform the fundamental roles of a Sr. Manager of Cybersecurity Operations, which include but are not limited to creating and leading projects that enhance the Blackhawk’s cybersecurity Operation's programs and implement strategic plans, policies, and procedures to enhance the company's security operations. As a pivotal member of the Information Security Leadership team, this person will work closely with the CISO and large stakeholders across the company to discuss and enable a better understanding of large-scale cyber security issues.

Responsibilities

• The Sr. Manager will work closely with the CISO to develop and implement strategic plans, policies, and procedures to enhance the company's security operations
• Participate in cross functional teams to develop and improve policies and procedures within the technology organization and within the CISO Office
• The Sr. Manager of Security Operations will lead and manage the Incident Response and Detection Engineering teams and the from within the Information Security department
• This critical role is responsible for ensuring the organization's security posture by proactively identifying, investigating, and mitigating cybersecurity threats and incidents
• Develop and implement a roadmap for continuous improvement of the team's capabilities
• Collect and analyze information security threat intelligence to proactively identify and assess threats that could impact BlackHawk Networks
• Collaborate with security teams outside BlackHawk Networks to integrate threat intelligence into the organization's incident response plans
• Lead the response to information security incidents, including investigation of, countermeasures to, and recovery from cyber-attacks, unauthorized access, and policy breaches
• Engage, interact, and coordinate with incident responders and law enforcement
• Define and monitor service level agreements (SLAs) and key performance indicators (KPIs) for MSSP engagements
• Evaluate and implement advanced threat detection technologies and techniques to enhance the organization's detection capabilities
• Hire, mentor, and train security engineers, fostering a culture of continuous learning, knowledge sharing, and collaboration within the Security Operations team
• Prepare metrics reports and dashboards for Security Operations and communicate the effectiveness and value of Security Operations to the CISO, senior management, and other relevant stakeholders
• This role will be instrumental in shaping robust security solutions that support the company's dynamic needs while fostering a culture of excellence and innovation within your team
• Drive the planning and execution of security projects, ensuring alignment with business objectives and minimal disruption to operations
• Foster a culture of continuous improvement and innovation within the security engineering team, encouraging professional growth and talent development
• Provide strong and deep project management insights across delivery and maintain comprehensive knowledge of industry standards, methodologies, processes and best practices.
• Develop and maintain policies and programs to support the information security project processes
• Develop schedules and project plans to ensure timely completion to the project deadlines, including identification of scope changes, critical path items, dependencies
• Work closely with information security specialists and engineers to understand and prioritize the remediation of identified vulnerabilities, track the status of these activities
• Ensure projects adhere to key constraints like budgets and resource allocation and that project risks are tracked, communicated and mitigated where possible
• Identify opportunities to improve the cybersecurity program, and maintain in a state of audit-readiness to support regulatory and partner requirements

Qualifications

• 12 years of experience with at least 8 years in a cloud-production environment or equivalent industry experience
• 10 years of people management experience within an information security domain
• Strong Technical background in Perimeter Security, Bot Protection, Threat hunting, Security tooling & Operations Crowdstrike, Splunk, Qualys, Signal Science, Imperva, AWS Tooling, Guardduty, Forensics
• Must have experience leading Incident Response functions
• Experience providing technical leadership and guidance, and thinking strategically and analytically to solve problems
• Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck and SANS Critical Security Controls)
• Exceptional collaboration and partnership skills, with the ability to build strong relationships with key stakeholders across the organization, including IT, legal, compliance, human resources, and business units
• Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms and their implementation
• The ability to work in a very fast-paced and diverse environment and are comfortable wearing multiple hats in support of getting to strong security outcomes
• Led with a people-first approach, can facilitate a conversation rather than dictate it, and is empathetic to divergent viewpoints
• Bachelor’s degree in a relevant field. Graduate degree is a plus.
• Familiarity with COBIT5, FFIEC, PCI-DSS, ISO9001, ISO27001, ISO23001, SOC2, Cyber Essentials, and GDPR
• Experience managing enterprise-scale projects
• Experience managing remote project personnel
• Experience briefing/presenting to Senior Leadership
• Minimum of 10 years Information Security and minimum 5 years in IT or Networking
• Experience with threat risk methodology
• Strong negotiator with a balanced approach to managing risk
• Preferred certifications: PMP, CISSP, ITIL, CSM, V3, CISM, CISA, GIAC, PMI, CSPM
• Strong communicator at all levels
• Collaborative mindset and the ability to influence indirectly
• Experience in banking, payments, or similarly regulated industries
• Experience implementing programs across a global company
• Ability to process and understand complex information relevant to cyber security initiatives
• Possess the ability to multi-task between projects while communicating any necessary information to clients
• Bachelor's degree in information technology, Computer Science, or equivalent, with 10 years of progressive experience in information security engineering, focusing on building robust security solutions
• Proven track record in project management within the cybersecurity domain, including the successful delivery of complex security projects
• Demonstrated leadership in managing and developing high-performing cybersecurity teams
• Deep understanding and hands-on experience in designing and implementing comprehensive security solutions that align with business needs
• Strong knowledge of best practices in operational excellence and minimizing the impact of security measures on business operations

Successful candidates will have the ability to work autonomously and be able to bridge the gap between deep technical knowledge and cybersecurity initiatives across the company to influence business development and information security protocols across the company.

Benefits

Salary Range for California Residents Only: $157,030.00 to $212,000.00

Pay is based on several factors including but not limited to education, work experience, certifications, etc. In addition to your salary, Blackhawk Network offers benefits including 401k with employer match, medical, dental, vision, 12 paid holidays in the year 2024, 1 hour of sick pay accrual for every 30 hours worked, parental leave, life insurance, disability insurance, accident and illness insurance, health and dependent care flexible spending accounts, wellness benefits, and flexible time off for all full-time employees.

EEO Statement

Blackhawk Network provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Blackhawk Network believes that diversity leads to strength. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Blackhawk Network encourages applicants with previous criminal records to apply to all positions and, pursuant to the San Francisco and Los Angeles Fair Chance Acts (and other “Fair Chance” laws), Blackhawk Network will consider for employment qualified applicants with arrest and conviction records. For Philadelphia applicants or jobs, please see a copy of Philadelphia’s ordinance on this topic by clicking this link: https://codelibrary.amlegal.com/codes/philadelphia/latest/philadelphia_pa/0-0-0-280104.