Director, Information Security and Information Technology
NJOY is one of the largest independent vaping companies in the U.S. and a leader in the revolution against combustible cigarettes. With a clear mission to Make Smoking History, NJOY offers a range of electronic nicotine products for adult smokers and vapers looking for an alternative.
The brand was founded in 2006 and has continued to serve as a pioneer and thought leader in the vaping category. NJOY holds a contract with the National Institute of Drug Abuse (NIDA) to supply a standard research electronic cigarette for use in independent, government-funded clinical studies – a project with enormous potential in the United States and across the world.
We are looking for a thought leader on Information Security and Information Technology who is also able to roll up their sleeves and bring this core competency in-house. As the Director, Information Security and Information Technology, you will help guide company-wide information security and technology strategy and vision. This person will be working closely with leadership and staff to identify, analyze, manage, mitigate and remediate information security risk and oversee our information technology systems and needs. You will establish a culture of cyber security company-wide, ensuring mitigation tactics are collectively employed to help us reduce risk as we scale.
- Provide high-level security guidance and leadership to executive team as well as across the company.
- Responsible for identifying, developing and managing compliance with key security controls.
- Help build and mentor the Information Security team in the development and management of key security controls.
- Coordinate with stakeholders to modernize the entire technology stack (systems, applications, etc.) at NJOY.
- Create, implement and maintain information security and technology policies.
- Develop company-wide training programs to efficaciously communicate information security risks (both physical and cyber).
- Audit each department's practices and create and implement the strategy and tactics to reduce risk.
- Regularly audit IT systems to ensure compliance.
- Manage relationships with security and information technology vendors.
- Oversee and manage our information technology systems, support and needs.
- 7+ years of experience in information security or similar IT role.
- 3+ years management experience (can be concurrent with other experience).
- Ability to design and implement and ensure ongoing compliance with technical security solutions.
- Experience managing solutions in various environments such as end-user, server/network, and public cloud.
- Experience rolling out process improvements.
- Understanding and experience with industry and regulatory standards such as PCI, SOC2, ISO27001.
- Strong communication skills.
- Experience prioritizing initiatives and communicating data-driven decisions.
- Eager to work with compliance to ensure information security and privacy requirements are met
- Start-up experience is preferred.
NJOY is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates. NJOY is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, disability, marital status, sexual orientation, genetic information, uniform service member or veteran status, or any other characteristic protected by federal, state or local law. Further, NJOY complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. NJOY is an e-verify employer.