Senior Manager Information Security - Bread Financial
Columbus, OH 43085
About the Job
Every career journey is personal
That's why we empower you with the tools and support to create your own success story
Be challenged
Be heard
Be valued
Be you ..
be here.Job SummaryThe Sr
Manager, Information Security will be responsible for managing a team of Information Security Vulnerability Management professionals
This position leads the team that is responsible for the overall Vulnerability Management program including penetration testing
This position leads efforts to ensure compliance to regulatory requirements, ensures service level agreements around vulnerability patching are met, and ensures the protection of company information assets
This position reports to the Senior Director, Information Security and works closely across other Information Security disciplines, as well as IT & Operations, Privacy, Legal, Enterprise Risk Management, and the business.Essential Job FunctionsLeadership and Development – Lead a team of Information Security Vulnerability Management professionals of various experience levels and bands and the evolution of their respective areas of responsibility
Hire and train new staff, conduct performance reviews and utilize subject matter expertise to guide and coach team members
Demonstrate self-learning in gaining knowledge of new technical developments and ensure they are shared appropriately and applied within the department
Identify and understand drivers for change and act as a champion and partner with other leaders to deliver those changes
Ability to lead in a team-fostered, fast-paced, multi-threaded environment, and able to effectively delegate and accomplish efforts through others
Actively engage in the creation and management of the InfoSec team’s strategy and vision
Actively work as a change agent to support InfoSec initiatives both within the team and the broader organization.Collaboration and Communication – Partner with internal teams on strategic and tactical plans for information security vulnerability management efforts regarding major system and application changes to help ensure that information security standards are maintained and information assets are protected
Ability to diffuse problematic situations and manage through conflict resolution
Ability to take complex concepts and break down into laymen’s terms or analogies that help with other’s understanding
Viewed as an enabling partner that provides options or information when saying no to business or IT requests
Seen by senior leadership and peers as creditable, trustworthy, and respectful
Communicate goals and new programs effectively with other leaders within and outside the organization
Produce presentations at various levels of abstraction dependent on intended audience using Microsoft Power Point, Microsoft Visio, or equivalent tools
Advanced interpersonal, negotiation, oral communication and English writing skills expected.Process and Project Management – Lead the design and the implementation of key IT projects and initiatives as they pertain to the organization's long-term security strategy
Identify areas of improvement where processes do not currently exist and drive the development and delivery of new processes to address these gaps
Ability to lead through ambiguity and deliver quality results
Willingness to escalate identified issues as necessary and the ability to identify when to partner with senior leadership to resolve issues, risks, or obstacles
Builds consensus for delivering results while finding common ground for collaboration and partnership, including partnerships with suppliers.Operational Effectiveness – Maintain appropriate internal processes and procedures to ensure operational effectiveness of the team
Lead the creation of and the maintenance of relevant documentation including run books, project updates, process documentation, architecture and technical requirements and presentations
Assist in managing department budget and costs associated with associate training and expenses
Work with the Change Advisory Board (CAB) to identify and manage changes that will impact Information Security controls
Develop and deliver Key Performance Indicators (KPIs) through the understanding of the tools and deliverables by helping to develop, maintain and mature the associated reporting structure
Ability to produce meaningful and actionable metrics through data analysis
Lead data analysis exercises using Excel Pivot Tables, Microsoft Access Queries, and other data driven analysis tools.Subject Matter Expertise – Advanced knowledge of IT tools and practices including, but not limited to:Vulnerability/Patch Management, Application Code Scanning, Penetration Testing, Networking, Software Development Lifecycle Automation, Cyber Security Tooling
Intermediate knowledge of regulatory bodies and corresponding compliance requirements including, but not limited to PCI-DSS, SOX, GLBA, CCPA, GDPR
Advanced knowledge of control frameworks including, but not limited to: FFIEC Examination Handbooks, NIST 800-53, ISO 27001
Intermediate knowledge of Cyber Security Maturity Frameworks such as NIST-CSF and FFIEC Cyber Assessment Tool.Reports to: Sr
Director, Information SecurityWorking Conditions/ Physical Requirements:Normal office environment.As the need of the business continue to evolve, this role may be asked to work an on-call rotation to include evenings or weekends.This position is hybrid with an onsite schedule of 3-4 days per month
In-office requirements are subject to change based on business needs
This position is currently available to candidates that reside within 60 miles of Columbus, OH. Direct Reports: Yes, 3-10Minimum Qualifications:High School Diploma or GEDOne or more field related professional technical certifications (CISSP, CISA, CISM, Security+, CDPSE) or able to complete within 12 months.Eight or more years of experience in Information Security, IT Audit or Risk ManagementPreferred Experience:Bachelors in Computer Science or Information Technology or equivalent experience1 year or more management experienceTwo or more field related professional technical certifications (CISSP, CISA, CISM, Security+, CDPSE)Ten or more years of experience in Information Security, IT Audit or Risk Management#INDPROFOther DutiesThis job description is illustrative of the types of duties typically performed by this job
It is not intended to be an exhaustive listing of each and every essential function of the job
Because job content may change from time to time, the Company reserves the right to add and/or delete essential functions from this job at any time.Typical Starting Range: $133,500.00 - $241,900.00Full Salary Range for position:California: $153,500.00 - $302,400.00Colorado: $133,500.00 - $254,000.00New York: $146,800.00 - $302,400.00Washington: $140,100.00 - $278,200.00Maryland: $140,100.00 - $254,000.00Washington DC: $153,500.00 - $278,200.00The actual base pay within this range may be dependent upon many factors, which may include, but are not limited to, work location, education, experience, and skills.Bread Financial offers medical, prescription drug, dental, vision, and other voluntary benefits (including basic and optional life insurance, supplemental medical plans, and short and long-term disability) to eligible associates (regular full-time associates scheduled to work 30 hours per week or more) and their spouses/domestic partners, and child(ren) under the age of 26. New associate elected coverage begins on date of hire (with the exception of disability coverage which has a 6-month waiting period). Six weeks of 100% paid parental leave for eligible parents is available after a 180-day waiting period
Hired associates can immediately enroll in Bread Financial’s 401(k) plan.All associates receive 11 paid holidays
Associates have discretion in managing their time away from work through the Flexible Time Off (FTO) program and may need to notify and receive approval from their manager prior to taking the time off
Associates (except those located in Illinois) receive 80 hours of Paid Sick and Safe Time (“PSST”) upon hire and at the beginning of each subsequent calendar year
Illinois associates receive 40 hours of Illinois PSST upon hire and at the beginning of each subsequent calendar year and 40 hours of Illinois Paid Leave upon hire and at the beginning of each subsequent calendar year
Illinois Paid Leave must be used before associates in Illinois will be approved to take FTO.Hired associates will be able to elect the purchase company stock during offering periods in June and December
You will be eligible for an annual incentive bonus based on individual and company performance.Click here for more Benefits information.About Bread Financial At Bread Financial, you’ll have the opportunity to grow your career, give back to your community, and be part of our award-winning culture
We’ve been consistently recognized as a best place to work nationally and in many markets and we’re proud to promote an environment where you feel appreciated, accepted, valued, and fulfilled—both personally and professionally
Bread Financial supports the overall wellness of our associates with a diverse suite of benefits and offers boundless opportunities for career development and non-traditional career progression.Bread Financial (NYSE: BFH) is a tech-forward financial services company providing simple, personalized payment, lending and saving solutions
The company creates opportunities for its customers and partners through digitally enabled choices that offer ease, empowerment, financial flexibility and exceptional customer experiences
Driven by a digital-first approach, data insights and white-label technology, Bread Financial delivers growth for its partners through a comprehensive suite of payment solutions that includes private label and co-brand credit cards and Bread Pay buy now, pay later products
Bread Financial also offers direct-to-consumer products that give customers more access, choice and freedom through its branded Bread Cashback American Express Credit Card, Bread Rewards American Express Credit Card and Bread Savings products.Headquartered in Columbus, Ohio, Bread Financial is powered by its approximately 7,000 global associates and is committed to sustainable business practices
To learn more about Bread Financial, visit breadfinancial.com or follow us on Facebook, LinkedIn, X and Instagram.Bread Financial offers competitive pay, a comprehensive selection of benefit options including 401(k).The Company is an Equal Opportunity Employer.Any applicant offered employment will be required to establish that they are legally authorized to work in the United States for the Company.The Company participates in E-Verify.The Company will consider for employment all qualified applicants, including those with a criminal history, in a manner consistent with the requirements of all applicable federal, state, and local laws, including the Los Angeles Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act. Applicants with criminal histories are encouraged to apply.The Company complies with the Americans with Disabilities Act (ADA), as amended, and all applicable state/local laws. The Company will provide accommodations to applicants needing accommodations to complete the application process
Applicants with disabilities may contact the Company to request and arrange for accommodations. If you need assistance to accommodate a disability, you may request an accommodation at any time. Please contact the Recruiting Team at
That's why we empower you with the tools and support to create your own success story
Be challenged
Be heard
Be valued
Be you ..
be here.Job SummaryThe Sr
Manager, Information Security will be responsible for managing a team of Information Security Vulnerability Management professionals
This position leads the team that is responsible for the overall Vulnerability Management program including penetration testing
This position leads efforts to ensure compliance to regulatory requirements, ensures service level agreements around vulnerability patching are met, and ensures the protection of company information assets
This position reports to the Senior Director, Information Security and works closely across other Information Security disciplines, as well as IT & Operations, Privacy, Legal, Enterprise Risk Management, and the business.Essential Job FunctionsLeadership and Development – Lead a team of Information Security Vulnerability Management professionals of various experience levels and bands and the evolution of their respective areas of responsibility
Hire and train new staff, conduct performance reviews and utilize subject matter expertise to guide and coach team members
Demonstrate self-learning in gaining knowledge of new technical developments and ensure they are shared appropriately and applied within the department
Identify and understand drivers for change and act as a champion and partner with other leaders to deliver those changes
Ability to lead in a team-fostered, fast-paced, multi-threaded environment, and able to effectively delegate and accomplish efforts through others
Actively engage in the creation and management of the InfoSec team’s strategy and vision
Actively work as a change agent to support InfoSec initiatives both within the team and the broader organization.Collaboration and Communication – Partner with internal teams on strategic and tactical plans for information security vulnerability management efforts regarding major system and application changes to help ensure that information security standards are maintained and information assets are protected
Ability to diffuse problematic situations and manage through conflict resolution
Ability to take complex concepts and break down into laymen’s terms or analogies that help with other’s understanding
Viewed as an enabling partner that provides options or information when saying no to business or IT requests
Seen by senior leadership and peers as creditable, trustworthy, and respectful
Communicate goals and new programs effectively with other leaders within and outside the organization
Produce presentations at various levels of abstraction dependent on intended audience using Microsoft Power Point, Microsoft Visio, or equivalent tools
Advanced interpersonal, negotiation, oral communication and English writing skills expected.Process and Project Management – Lead the design and the implementation of key IT projects and initiatives as they pertain to the organization's long-term security strategy
Identify areas of improvement where processes do not currently exist and drive the development and delivery of new processes to address these gaps
Ability to lead through ambiguity and deliver quality results
Willingness to escalate identified issues as necessary and the ability to identify when to partner with senior leadership to resolve issues, risks, or obstacles
Builds consensus for delivering results while finding common ground for collaboration and partnership, including partnerships with suppliers.Operational Effectiveness – Maintain appropriate internal processes and procedures to ensure operational effectiveness of the team
Lead the creation of and the maintenance of relevant documentation including run books, project updates, process documentation, architecture and technical requirements and presentations
Assist in managing department budget and costs associated with associate training and expenses
Work with the Change Advisory Board (CAB) to identify and manage changes that will impact Information Security controls
Develop and deliver Key Performance Indicators (KPIs) through the understanding of the tools and deliverables by helping to develop, maintain and mature the associated reporting structure
Ability to produce meaningful and actionable metrics through data analysis
Lead data analysis exercises using Excel Pivot Tables, Microsoft Access Queries, and other data driven analysis tools.Subject Matter Expertise – Advanced knowledge of IT tools and practices including, but not limited to:Vulnerability/Patch Management, Application Code Scanning, Penetration Testing, Networking, Software Development Lifecycle Automation, Cyber Security Tooling
Intermediate knowledge of regulatory bodies and corresponding compliance requirements including, but not limited to PCI-DSS, SOX, GLBA, CCPA, GDPR
Advanced knowledge of control frameworks including, but not limited to: FFIEC Examination Handbooks, NIST 800-53, ISO 27001
Intermediate knowledge of Cyber Security Maturity Frameworks such as NIST-CSF and FFIEC Cyber Assessment Tool.Reports to: Sr
Director, Information SecurityWorking Conditions/ Physical Requirements:Normal office environment.As the need of the business continue to evolve, this role may be asked to work an on-call rotation to include evenings or weekends.This position is hybrid with an onsite schedule of 3-4 days per month
In-office requirements are subject to change based on business needs
This position is currently available to candidates that reside within 60 miles of Columbus, OH. Direct Reports: Yes, 3-10Minimum Qualifications:High School Diploma or GEDOne or more field related professional technical certifications (CISSP, CISA, CISM, Security+, CDPSE) or able to complete within 12 months.Eight or more years of experience in Information Security, IT Audit or Risk ManagementPreferred Experience:Bachelors in Computer Science or Information Technology or equivalent experience1 year or more management experienceTwo or more field related professional technical certifications (CISSP, CISA, CISM, Security+, CDPSE)Ten or more years of experience in Information Security, IT Audit or Risk Management#INDPROFOther DutiesThis job description is illustrative of the types of duties typically performed by this job
It is not intended to be an exhaustive listing of each and every essential function of the job
Because job content may change from time to time, the Company reserves the right to add and/or delete essential functions from this job at any time.Typical Starting Range: $133,500.00 - $241,900.00Full Salary Range for position:California: $153,500.00 - $302,400.00Colorado: $133,500.00 - $254,000.00New York: $146,800.00 - $302,400.00Washington: $140,100.00 - $278,200.00Maryland: $140,100.00 - $254,000.00Washington DC: $153,500.00 - $278,200.00The actual base pay within this range may be dependent upon many factors, which may include, but are not limited to, work location, education, experience, and skills.Bread Financial offers medical, prescription drug, dental, vision, and other voluntary benefits (including basic and optional life insurance, supplemental medical plans, and short and long-term disability) to eligible associates (regular full-time associates scheduled to work 30 hours per week or more) and their spouses/domestic partners, and child(ren) under the age of 26. New associate elected coverage begins on date of hire (with the exception of disability coverage which has a 6-month waiting period). Six weeks of 100% paid parental leave for eligible parents is available after a 180-day waiting period
Hired associates can immediately enroll in Bread Financial’s 401(k) plan.All associates receive 11 paid holidays
Associates have discretion in managing their time away from work through the Flexible Time Off (FTO) program and may need to notify and receive approval from their manager prior to taking the time off
Associates (except those located in Illinois) receive 80 hours of Paid Sick and Safe Time (“PSST”) upon hire and at the beginning of each subsequent calendar year
Illinois associates receive 40 hours of Illinois PSST upon hire and at the beginning of each subsequent calendar year and 40 hours of Illinois Paid Leave upon hire and at the beginning of each subsequent calendar year
Illinois Paid Leave must be used before associates in Illinois will be approved to take FTO.Hired associates will be able to elect the purchase company stock during offering periods in June and December
You will be eligible for an annual incentive bonus based on individual and company performance.Click here for more Benefits information.About Bread Financial At Bread Financial, you’ll have the opportunity to grow your career, give back to your community, and be part of our award-winning culture
We’ve been consistently recognized as a best place to work nationally and in many markets and we’re proud to promote an environment where you feel appreciated, accepted, valued, and fulfilled—both personally and professionally
Bread Financial supports the overall wellness of our associates with a diverse suite of benefits and offers boundless opportunities for career development and non-traditional career progression.Bread Financial (NYSE: BFH) is a tech-forward financial services company providing simple, personalized payment, lending and saving solutions
The company creates opportunities for its customers and partners through digitally enabled choices that offer ease, empowerment, financial flexibility and exceptional customer experiences
Driven by a digital-first approach, data insights and white-label technology, Bread Financial delivers growth for its partners through a comprehensive suite of payment solutions that includes private label and co-brand credit cards and Bread Pay buy now, pay later products
Bread Financial also offers direct-to-consumer products that give customers more access, choice and freedom through its branded Bread Cashback American Express Credit Card, Bread Rewards American Express Credit Card and Bread Savings products.Headquartered in Columbus, Ohio, Bread Financial is powered by its approximately 7,000 global associates and is committed to sustainable business practices
To learn more about Bread Financial, visit breadfinancial.com or follow us on Facebook, LinkedIn, X and Instagram.Bread Financial offers competitive pay, a comprehensive selection of benefit options including 401(k).The Company is an Equal Opportunity Employer.Any applicant offered employment will be required to establish that they are legally authorized to work in the United States for the Company.The Company participates in E-Verify.The Company will consider for employment all qualified applicants, including those with a criminal history, in a manner consistent with the requirements of all applicable federal, state, and local laws, including the Los Angeles Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act. Applicants with criminal histories are encouraged to apply.The Company complies with the Americans with Disabilities Act (ADA), as amended, and all applicable state/local laws. The Company will provide accommodations to applicants needing accommodations to complete the application process
Applicants with disabilities may contact the Company to request and arrange for accommodations. If you need assistance to accommodate a disability, you may request an accommodation at any time. Please contact the Recruiting Team at
TaOps@breadfinancial.com.Job
Family: Information TechnologyJob Type: RegularSummaryLocation: Columbus, OHType: Full time
Source : Bread Financial