Head of Cybersecurity Risk & Compliance

Circle K
Tempe, AZ, US
Full-time

Alimentation Couche-Tard (Circle K) seeks a driven, dynamic Global Head of Cybersecurity Risk and Compliance to help build and lead a comprehensive cybersecurity risk management program and team.

Reporting to the Global Chief Information Security Officer and VP Global Infrastructure, you will help to mature and maintain a global and enterprise-wide cybersecurity risk management and compliance program, collaborating with the cybersecurity operations team, functional areas, and operations stakeholders to drive initiatives in an exciting, fast-paced environment.

As a strategic advisor, you will guide and manage Circle K's capabilities to help manage Circle K's cybersecurity risk and help enable compliance with industry standards, laws, and regulations.

Responsibilities:

Develop and mature a global and enterprise-wide cybersecurity risk and compliance strategy that aligns with organizational priorities, business objectives, regulatory requirements, and evolving risks, threats, and vulnerabilities.

Grow and lead a highly skilled team managing and supporting cybersecurity risk and compliance, risk assessment, reporting (internal and Board), metrics, cybersecurity policy, security awareness, and 3rd party risk management while overseeing the day-to-day relationships and activities.

Manage, monitor, and mature a risk and threat-based information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information owned, controlled, and processed by the company.

Manage and mature enterprise-wide compliance, risk assessment, reporting, and cybersecurity policies; the enterprise-wide 3rd party cybersecurity risk management program; and the information security training and awareness program.

Oversee information security audits and provide consistent responses to external information security questionnaires.

Partner with business units and IT risk management team to ensure that risk management processes and security standards are understood and consistently applied across the company.

Partner with the cybersecurity operations team in areas that include vulnerability management, threat intelligence, incident management, security architecture, advisory, and customer/workforce identity and access management.

Evaluate security controls and opportunities for improvement and communicate recommendations.

Maintain a high degree of knowledge of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance.

Qualifications:

At least 15 years of experience with 10 years of cybersecurity experience

Strong ability to identify needs, take initiative, and prioritize work efforts, balancing operational tasks with longer-term strategic security efforts

Proven understanding of business focus and processes, and ability to inject governance into the business through teamwork and influence.

Ability to establish and maintain trust and rapport with the team and external constituents

Strong knowledge and understanding of information security management frameworks and various regulatory requirements such as SOC 2, NIST, SOX, CCPA, and GLBA.

Excellent project management, written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at various levels, ranging from investors to engineers.

Demonstrated experience and success in senior leadership roles in risk management and information security.

Education & Certifications: Bachelor's or Master's degree; CISM, CISSP, and/or other industry certifications

Circle K is an Equal Opportunity Employer.

The Company complies with the Americans with Disabilities Act (the ADA) and all state and local disability laws. Applicants with disabilities may be entitled to a reasonable accommodation under the terms of the ADA and certain state or local laws as long as it does not impose an undue hardship on the Company.

Please inform the Company's Human Resources Representative if you need assistance completing any forms or to otherwise participate in the application process.

The Company uses the federal E-Verify program to check work eligibility.
