Red Wing Shoe Company


Red Wing Shoe Company was built on America’s great promise: if one worked hard enough, one could achieve anything. In 1905, Mr. Charles Beckman founded the Red Wing Shoe Company. As a Main Street shoe store owner, he recognized the need for comfortable and durable work boots. Word of the quality and comfort built into every pair spread quickly and the company prospered. One hundred plus years later, the company is still located in Red Wing, Minnesota. Red Wing products consistently perform in environments spanning from the Mideast oil fields to the Midwest corn fields and still deliver on Mr. Beckman’s original promise of building a work boot that would be as tough as the customer who wore it. Red Wing Shoe Company, Inc. continues to be a privately-held corporation based in Red Wing, Minnesota. The Red Wing Shoes brand is distributed in more than 110 countries around the globe, including over 4,000 U.S. retail locations serving both consumer and industrial customers. With over 2,000 employees, Red Wing is famous for its premium quality work and safety footwear.

Headquarter Location:
Red Wing, MN

Red Wing Shoe Company is hiring a Remote Information Security Risk Manager

Job Description

Red Wing Shoe Company is looking for an experienced Information Security Risk Manager to join our team to manage Governance, Risk, and Compliance (GRC) activities within our Information Security Program. Reporting to the Director of Information Security, this role is focused on developing, maintaining, and managing Red Wing’s Information Security GRC processes and functions. The Information Security Risk Manager will drive information security risk identification, tracking, and remediation efforts internally and with critical third-party vendors and partners.

The Information Security Risk Manager will monitor Red Wing’s compliance with key security regulations and standards and provide risk consulting, guidance, and training to internal business and technical partners on security policies, standards, and regulations related to their business areas and projects.

ESSENTIAL DUTIES AND RESPONSIBILITIES

  • Manage the information security risk management process, including identifying, assessing, mitigating, and monitoring risks.
  • Oversee the PCI-DSS compliance program, ensuring payment channels remain compliant, resolving issues, and reporting annually.
  • Build relationships with key business partners to address information security risks and implement effective remediation plans.
  • Lead third-party and vendor risk management programs, ensuring external partner security and compliance are monitored and reported.
  • Collaborate with cross-functional teams to ensure DevSecOps processes adhere to regulatory requirements, security policies, and controls.
  • Develop and deliver user security awareness training and foster a strong security culture.
  • Support vulnerability management, coordinating to identify, prioritize, and remediate security gaps.
  • Establish and maintain security policies and standards aligned with the company’s security strategy.
  • Monitor and report on the Information Security Program’s effectiveness, driving continuous improvement.
  • Stay informed of industry best practices, regulatory requirements, and emerging threats to enhance the company’s security posture.

Qualifications

MINIMUM EDUCATION AND YEARS OF EXPERIENCE:

  • A bachelor's degree in Information Security, Computer Science, or a related field.
  • A minimum of 7 years of experience in information security, with a focus on risk management, GRC, and/or vulnerability management.
  • Relevant professional certifications, such as CISSP, CISM, CRISC, or CISA, are preferred.

REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES:

  • Experience managing and/or assessing information security risk management processes, GRC functions, and/or vulnerability management.
  • Strong knowledge of, and experience managing, Payment Card Industry Data Security Standards (PCI-DSS) compliance.
  • Strong knowledge of information security principles, best practices, and industry standards, such as CIS Critical Security Controls, ISO 27001, NIST, and GDPR.
  • Experience performing technical risk analysis using quantitative risk methodologies, such as FAIR (Factor Analysis of Information Risk).
  • Familiarity with third-party and vendor risk management concepts, processes, and tools.
  • Experience developing and delivering security awareness training programs for a diverse audience.
  • Excellent communication skills, with the ability to articulate complex security concepts to both technical and non-technical stakeholders.
  • Strong documentation, planning, negotiation, work prioritization and organizational skills.
  • Team player willing and able to promote a working environment that encourages and increases collaboration, clarity, and innovation.
