Sr. Staff Information Security Engineer

Today, through BHN’s single global platform, businesses of all kinds can tap into the world’s largest network of branded payment solutions. BHN helps businesses grow revenue, increase loyalty, motivate and reward their teams, disburse funds and engage consumers. Branded payment solutions include the issuance and distribution of gift cards, egifts, corporate payouts and rewards, along with the technology to deliver these products in seamless, integrated ways. BHN’s network spans the globe with more than 400,000 consumer touchpoints. Learn more at BHN.com.

We are looking to hire an accomplished Sr. Staff Security Compliance Manager to join the Blackhawk Technology Organization reporting into the Sr. Director of InfoSec. This position will be tasked with building and maintaining an Information Security Management Program based on ISO standards and IT Security Risk Assessment program.

• Coordinate, develop and implementation of security: policies, awareness, compliance reporting, incident response process, risk assessment and mitigation.
• Provide thought leadership while relying upon extensive experience and judgment to plan and accomplish security objectives.
• Lead and direct the security organization and collaborate with all stakeholders to deliver exceptional results.
• Evaluate Information Security policy compliance, including internal and external audit initiatives for overall effectiveness.
• Lead IT Security GCR (Global Compliance and Reporting) initiatives and provide thought leadership to key stakeholders including Executive Staff, HR, Legal, Compliance and Risk teams.
• Act as the main point of contact for , audits, certification and other compliance efforts including PCI DSS, PCI PA, SOX and SSAE-16.
• Research and understand emerging information security threats, vulnerabilities, and their countermeasures.
• Execute the long-term strategy for the department and manage the roadmap / action plan.
• Work with product owners, business stakeholders, business analysts and engineering teams to review security requirements and approve / modify designs as needed.
• Mentor and continuously raise the bar for a best-of-class security team.
• Report on status of development, quality, operations, and system performance to management.
• Handle multiple competing priorities in a fast-paced environment.

• Technical knowledge of information technology and security issues is highly desirable
• Exceptional leadership, time management and organization skills with an aptitude towards creative problem solving.
• Excellent organizational skills
• Proven track record in leading, driving, high performance technical and operational teams, and utilizing analytics to help decision making in complex environments.
• Highly developed leadership skills and the proven ability to develop successful partnerships with internal and external stakeholders.
• Established track record of competency in the field of information security with direct experience in a significant compliance role.
• Thought leader, articulate, consensus building, and persuasive with a demonstrated ability to serve as an effective member of the management team.
• Highly developed oral and written communication skills; strong presentation skills.
• Ability to simplify and report on complex technical functions and risks to senior leaders.
• Working knowledge of relevant domestic and international security standards and best practices such as PII, PCI DSS, ISO 27001/2, SSAE 16, SOX and AML.
• Working knowledge of and experience in policy creation and management

Education/Certifications

• Master of Science in Information Systems
• Relevant, industry recognized security certification such as CISSP, CISA, PCI SA, CISM, CPP and/or CFE is preferred.
• 10+ years of experience in security governance, risk and compliance, information security and information technology
• 10+ years of experience managing complex security architecture in AWS, Azure Cloud
• 10+ years of experience threat modelling, application security, infrastructure security

Blackhawk Network offers benefits including 401k with employer match, medical, dental, vision, 12 paid holidays throughout the year, 1 hour of sick pay accrual for every 30 hours worked, parental leave, life insurance, disability insurance, accident and illness insurance, health and dependent care flexible spending accounts, wellness benefits, and flexible time off for all full-time employees. 

Blackhawk Network provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.  Blackhawk Network believes that diversity leads to strength. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Blackhawk Network encourages applicants with previous criminal records to apply to all positions and, pursuant to the San Francisco and Los Angeles Fair Chance Acts (and other “Fair Chance” laws), Blackhawk Network will consider for employment qualified applicants with arrest and conviction records.  For Philadelphia applicants or jobs, please see a copy of Philadelphia’s ordinance on this topic by clicking this link: https://codelibrary.amlegal.com/codes/philadelphia/latest/philadelphia_pa/0-0-0-280104.