Chief Information Security Officer

Party City Holdco Inc. (PCHI) is a global leader in the celebrations industry, with its offerings spanning more than 70 countries around the world. PCHI is also the largest vertically integrated designer, manufacturer, distributor, and retailer of party goods in North America.

PCHI operates across multiple businesses within its Retail Division and Consumer Products Division. On the retail side, Party City is the leading omnichannel retailer in the celebrations category, operating more than 750+ company-owned and franchise stores. The Consumer Products Division includes design and manufacturing entity Amscan, an industry leader in celebration dcor, tableware, costumes, and accessories.

PCHI is headquartered in Woodcliff Lake, with additional locations throughout the Americas and Asia.

Job Overview :

The CISO will have responsibility for all PCHI data / information security policies, standards, evaluations, and determining, implementing, and supporting cyber security standards for the global enterprise. The candidate must be creative and technologically bold as well as possess a mix of pragmatism, strong management, communications skills, and technical depth.

In this role, the CISO will be involved in all facets of information security and work across departments in a fast-paced environment, wearing multiple hats and managing large initiatives such as security audits. You must have a passion for implementing and supporting cyber security standards to keep our customers and our company's data safe. In addition, the role is responsible for IT Projects Governance framework, network security framework, information and cyber security policies, and best practices.

A key element of the CISO's role is working with executive management to determine acceptable levels of risk for the organization. Therefore, must be knowledgeable about both internal and external business environments and ensure that information systems are maintained in a fully functional and secure mode and are compliant with legal, regulatory, and contractual obligations.

Responsibilities and Duties :

• Leads a diverse technical organization in identifying, developing, implementing, and maintaining security processes, practices, and policies throughout the organization to reduce risks, respond to incidents, and limit exposure and liability in all areas of informational, financial, physical, personal, and reputational risk.
• Interfaces with the IT organization and senior management to establish strategies that have a direct impact on services for our internal users, customers, and partners.
• Matures Governance and compliance frameworks for IT projects and security.
• Collaborates with IT peers on the Architecture Review Board, acting as the primary architect for the cybersecurity realm.
• Presents to Audit Committee and works extensively with internal and external auditors.
• Effectively manages a direct budget and makes efficient staffing decisions.
• Performs application risk analysis and threat modeling.
• Keeps up to date on threat intelligence, including zero-day vulnerabilities and emerging threat vectors.
• Oversees network security measures, including firewalls and IDS. Protects Data and Encryption.
• Reviews Identity & Access Management and Privileged User Access.
• Collaborates with Information Technology leadership team to establish appropriate security standards and provide an effective governance structure to ensure compliance and accountability.
• Defines cyber security governance and control strategies for emerging technologies such as AI, cloud & containerization, blockchain, and robotic process automation.
• Conducts risk analysis and engages cyber security, business management, and other stakeholders for resolution.
• Performs application, vendor, and cloud security reviews and supports system vulnerability assessments.

Skills Required :

Qualifications :

#J-18808-Ljbffr