Director, Corporate IT Security

PAR is looking for a Director of IT Security, reporting to the VP of IT. PAR is an international, fast-paced, high-growth environment and our tech stack is cloud and SaaS first, with a limited on-prem footprint. Our ideal candidate will embrace diverse perspectives and exhibit integrity, leadership, security domain expertise, strong technical acumen, sound business judgement, creativity, entrepreneurial spirit, and exceptional communication skills, all while keeping security and business objectives front and center.

The Director of IT Security and their team are primarily responsible for IT / Corporate capabilities including endpoint/infra/data/SDLC security engineering, vulnerability management, pen testing, incident response, and security visibility and response automation. While being a key resource for the entire company, the Director of IT Security should be a trusted subject matter expert who partners closely with IT, Legal, Internal Audit, GRC, and the Product & Technology teams in delivering against the company’s overall cybersecurity program.

Location

Remote North America, preferably ET or CT time zones, occasional travel (2-3 times a year) for team building activities

Pay Band

The base salary range for this position is $180,000 to $230,000 USD per year commensurate with work location, experience, skills, certifications, education, and prior accomplishments. The position may be eligible for additional compensation, including a bonus, commission and/or equity, as applicable.

Why We Need You

• Develop and lead the IT Security vision and strategy aligned with PAR's business objectives, and oversee the implementation and management of the security program aligned with industry best practices and compliance requirements
• In partnership with the GRC team, prioritize the most valuable security outcomes for the business aligned with a risk-based control framework
• Lead, mentor and grow the IT Security team to be business focused, deeply technical, highly motivated, and productive, fostering a culture of continuous improvement and professional development
• Partner with IA and GRC on compliance efforts for SOX ITGCs, and serve as a subject matter expert for SOC and/or PCI compliance activities as needed
• Manage security operations, improving monitoring, detection, analysis, response, orchestration, and automation capabilities
• Direct IT vulnerability management and penetration testing activities to ensure robust system security and compliance with defined controls
• Assess and deploy security tools to identify and mitigate system and software vulnerabilities and misconfigurations
• Oversee the incident response process, acting as a senior incident commander during major security incidents
• Objectively communicate progress toward defined goals and outcomes by developing appropriate KPIs and related reports appropriate for senior leadership and the board of directors

How You Show Up

• Ability to build collaborative relationships with diverse stakeholders within IT and across the whole company
• Effective communicator who can coordinate, escalate, provide feedback, and ask for help
• Capable of efficiently managing the IT Security team's workflow using scrum / kanban methodologies
• Continuous learner, innovator, and collaborator who thrives on helping people achieve more than they thought possible – together, we win as a team!

Must Have

• Bachelor’s degree in a business or technology related major and a current industry certification such as CISSP, CCSP, CISM, MS Cybersecurity Architect, etc.
• 10+ years of hands-on engineering experience in one or more domains such as infrastructure, IAM, IaaS/PaaS, or software engineering, with 3-5 of those years being in a leadership role of a cybersecurity team
• Significant experience working with and securing the entire Microsoft 365 stack and Azure IaaS/PaaS
• Experience leading and supporting security incident response and investigations
• Thorough knowledge of common regulations, laws, and control frameworks, such as SOX ITGCs, GDPR, CCPA, SOC II, PCI, CIS, ISO27001, etc.

Nice to Have

• Experience working in a (SaaS) technology company
• Working knowledge of Agile Scrum, SDLC, dev ops, ITIL
• M&A experience
• Scripting or programming experience

Additional Information

At PAR, we believe we will win or lose based on the culture we build.

Our culture is built on 4 values

• Speed – we are the kind of people who do not wait for the elevator
• Ownership – we want owners, not renters
• Focus – success is built from focusing on what matters most
• Winning Together – for PAR to win, we need our customers, our employees, our suppliers, our shareholders, and our community to succeed

We believe by committing to these values (and more) we can build a cultural spirit that, combined with our products, will create years of long-term success.