
Security Program Manager

Planet Fitness World Headquarters


Hampton, NH
Full Time
Paid
  • Responsibilities

    Planet Fitness Headquarters is searching for a Security Program Manager to join our team!

    As our Security Program Manager, you will closely collaborate with the VP of IT on expanding and supporting the company’s brand-wide cyber security and compliance programs by working with IT, various business units, and external vendors. You will play a key role in managing risks related to cyber security, payment processing, health, and privacy laws and regulations. You will assist in managing various aspects of the cyber security program including but not limited to the evaluation of systems, applications, data classification, vulnerability scanning, incident response, policies, and training.

    As our Security Program Manager, you will be accountable for maintaining and continuously improving security controls surrounding our infrastructure and enterprise applications, which reside on AWS, Azure, and internal and externally hosted environments. You will work closely with internal staff and external vendors on developing, monitoring, and implementing various security solutions.

    This is a highly collaborative role which will assist in setting the overall direction of the company’s cyber security posture.

    Essential Duties and Responsibilities:

    Closely collaborate with the VP of IT on a variety of security related issues, designs, reviews, programs, and security solution implementations.

    Assist with critical IT projects to ensure that security issues are addressed throughout the project and development lifecycles.

    Execute on day to day deliverables that support the ongoing compliance needs related to cyber security, PCI, HIPAA, and privacy regulations.

    Provide analysis of system requirements relating to security, vulnerability, risk and contingency planning.

    Assist in evaluating and implementing security solutions and controls such as intrusion detection software, SIEMs, data encryption, data backup and recovery, etc. with the assistance of internal staff and external vendors.

    Track vulnerabilities that could affect business operations or introduce additional risk to the organization.

    Manage and track our internal risk register.

    Monitor and understand changes in regulations and standards, adapting company protocols and standards to ensure ongoing compliance.

    Perform periodic reviews and provide feedback on mandatory cyber security and PCI online training programs.

    Perform periodic reviews and provide feedback on security related policies and procedures.

    Develop additional policies and procedures as needed.

    Develop and hold periodic information security training and/or compliance webinars.

    Provide consultation and support to franchise technology resources on defined security standards and practices.

    Regularly monitor and report upon system-wide PCI compliance and other regulations. Work directly with franchise technology resources to remediate any identified deficiencies.

    Assist in defining, creating, and supporting company-wide security KPIs for executive management reporting.

    Perform incident management response across the enterprise and provide root cause analysis and post-mortem analysis to drive process improvements.

    Qualifications:

    Bachelor's degree in Computer Science, Information Systems or related field and/or combination of directly related work experience commensurate to 5 years’ experience in program management focusing on information security and IT compliance (PCI, SOX).

    Strong understanding of security frameworks such as NIST and COBIT.

    Knowledge of network routing, firewalls, intrusion detection systems, internet filtering, anti-virus technology, application security, secure email gateways and PCI compliant environments.

    Has a high level of patience and understanding. Understands that risks have to be balanced with business needs.

    Has technical knowledge and experience in network architecture, design, configuration and implementation.

    Experience evaluating compliance controls across security technologies and architecture.

    Has experience in development environments.

    Demonstrated knowledge of evaluating risk assessments, vulnerability assessments, and penetration tests.

    Experience with multiple information technology systems: (Dell SonicWALL firewalls, latest versions of Windows Server, Windows 7/8/10, Active Directory, TCP/IP, LAN/WAN, VPN).

    Knowledge of operation risk assessment methodology, mitigation development, monitoring and reporting.

    Ability to articulate ideas to both technical and non-technical audiences.

    Excellent planning, organizational, and project management skills.

    Strong critical thinking and troubleshooting skills.

    Superior communication and customer service skills; ability to write clear and concise technical documentation.

    Ability to balance multiple priorities in a dynamic, fast-paced environment.

    Function well within a collaborative team environment.

    Ability to work off-hours and provide on-call support as needed.

    CISA, CISM, CGEIT or equivalent certifications strongly preferred.

    Why you should join Planet Fitness!

    Contribute to changing people’s lives every day by helping us create a healthier Planet!

    Competitive salaries and comprehensive benefits package

    Employee Stock Purchase Program

    Childcare allowance

    Generous vacation/holiday pay

    Volunteer days off

    Onsite gym complete with locker rooms and Black Card area

    Free Black Card and exercise incentives

    Café that serves delicious, healthy breakfast and lunch options

    Company sponsored social events