Advance Stores - Raleigh, NC
posted 3 months ago
The Vice President and Chief Information Security Officer (CISO) at Advance Auto Parts will be tasked with developing and implementing a comprehensive information security strategy aimed at safeguarding the company's digital assets, customer information, and IT infrastructure. This executive role is pivotal in overseeing all aspects of information security, which includes risk management, compliance, incident response, and cybersecurity operations. The CISO will work closely with senior leadership to ensure that security initiatives are aligned with business goals, thereby providing the highest level of protection against cyber threats. This position is part of a hybrid work arrangement based in Raleigh, NC, and reports directly to the EVP and Chief Technology Officer. In terms of leadership and strategy, the CISO will be responsible for developing and executing an enterprise-wide information security strategy that aligns with the business objectives of Advance Auto Parts. This includes providing strategic direction to the information security program and leading a high-performing information security team. Risk management is another critical area of focus, where the CISO will identify, assess, and prioritize security risks while developing appropriate mitigation plans. Establishing and enforcing security policies, standards, and guidelines, as well as conducting regular security risk assessments and audits, will also fall under this role's purview. Compliance and governance are essential components of the CISO's responsibilities, ensuring adherence to relevant laws, regulations, and industry standards such as PCI-DSS and GDPR. The CISO will oversee the development and implementation of security policies and procedures and collaborate with internal and external auditors to address compliance issues. In the event of security incidents, the CISO will lead the response efforts, including forensic analysis and root cause determination, while also overseeing disaster recovery and business continuity planning. Cybersecurity operations will involve the implementation and management of security technologies, monitoring and analyzing security threats and vulnerabilities, and managing security operations center (SOC) activities. Collaboration and communication are key aspects of this role, as the CISO will work with IT, legal, and other departments to ensure a cohesive approach to information security. Additionally, the CISO will communicate security-related topics to executive leadership and the board of directors, fostering a culture of security awareness across the organization.