Sr. Director, Information Security and Compliance
Location: Minneapolis, Minnesota US
Job Number: 2748
Requisition Number: 12767BR
Polaris is the global powersports industry leader with a diverse portfolio of off-road, motorcycle, and boat brands including Polaris Ranger, Polaris RZR, Polaris Sportsman, Indian Motorcycles, Slingshot, GEM, Bennington, Godfrey, Hurricane, Rinker, and 4WP.
For more than 60 years, we've been making high-quality, breakthrough products - whether it's launching the snowmobile industry, reinventing ATV categories year after year, developing the first purpose-built military vehicles or introducing a radical 3-wheel moto-roadster.
From our entrepreneurial roots as a mechanical shop, we've grown into one of the world's largest Powersports companies. And in recent years, we've expanded beyond Powersports into adjacent markets, like commercial and military vehicles, where we can add value.
We are seeking an experienced and energetic Information Security and Compliance leader to join our team.
This role reports to the Chief Information Officer and is a member of the Polaris Digital and Information Services leadership team. The position develops and delivers comprehensive information security and risk management strategies to optimize the security posture of our global enterprise. This role is responsible for the overall information security program including prevention, detection, response, and remediation capabilities and operations. The complexity of this position requires a collaborative leadership approach to work effectively across Digital & Information Services, Legal, Product Engineering, Global business units, and Audit.
ESSENTIAL DUTIES & RESPONSIBILITIES:
- Responsible for the overall effectiveness of the Information Security program.
- Collaborates and manages the risk appetite and posture within a highly dynamic environment.
- Defines, implements, and operates prevention techniques.
- Actively monitors environments for threats.
- Leads incident response and remediation.
- Partners with product development to develop and implement cohesive cybersecurity strategy, policy, assessment, and incident response.
- Extends beyond Polaris to assess and consult with stakeholders in our partner ecosystem, including agencies, business services firms, technology vendors, and potential business acquisitions.
- Responsible for the overall effectiveness of the Digital & Information Services compliance program including SOX, iTAR, PCI, GDPR.
- Includes definition, implementation, operation, and verification of required controls utilized within the Digital and Information Services department.
- Conducts external scanning and manages effective relationships with enforcement agencies, cyber experts, regulatory, privacy and industry experts.
- Significant responsibilities in the Digital & Information Services strategy and the Enterprise Risk Management process.
- Accountability for efficient and effective daily operations of the Polaris Information Security practice.
- Accountability for the departmental audit preparation and execution, including but not limited to SOX, PCI, iTAR, and GDPR domains.
- Accountability for information security and risk management project implementation, including coordination with technology, operations, and business teams.
- Manage the standard work, artifacts, and processes that enable teammates to be efficient and effective with risk management policies and compliance requirements.
- Provide effective communication, awareness, and training to stakeholders.
- Ensure that internal controls comply with contractual obligations, corporate policies, and legal and regulatory requirements.
- Provide oversight and management on a team of direct reports, indirect reports, external vendors and service providers.
- Active participant in talent processes of selection, development, and management.
- Contributes to the professional development of team members, both formally and informally.
- Collaborates across the enterprise to develop organization competencies and capabilities.
- Visibly demonstrates our Guiding Principles and Polaris Values.
- Minimum of 8 years of experience of risk management, information security and information technology fields. At least 4 years of experience in a senior leadership role. Employment history must demonstrate increasing levels of responsibility.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Proven track record and experience in developing and executing information security policies, procedures, and programs.
- Demonstrated capabilities in leadership, innovation, problem solving, influencing, organizing and relationship building.
- Strong process discipline in a continuous improvement environment. Experience managing cost center and departmental financial functions like budgets, etc.
- Graduate degree in Information Security, Computer Science, Management of Information Systems, or related field required.
- Demonstrated commitments to continuous professional development. Examples may include CISSP, CISM, GIAC, CCSP
- Standard office environment
- Some travel may be required
About this location
This opportunity is located approximately 30 minutes from Minnesota's Twin Cities of Minneapolis and St. Paul. These neighboring cities consistently rank as two of the United States' top cities to live in. Minneapolis's thriving art scene, outdoor culture (even in the winter), affordable prices, and friendly atmosphere make this Midwest metropolis a perfect place to live.
Recognized as the leader in the powersports industry, Polaris Industries is a fast growing, innovative, global organization. The people here at Polaris don't just create products - they are part of a lifestyle. It's the passion & execution of those people and their ideas that inspires the innovation that runs through everything we do.
Polaris Industries Inc. (NYSE: PII) is a global powersports leader that has been fueling the passion of riders, workers and outdoor enthusiasts for more than 60 years. With annual 2017 sales of $5.4 billion, Polaris' innovative, high-quality product line-up includes the RANGER®, RZR® and Polaris GENERAL™ side-by-side off-road vehicles; the Sportsman® and Polaris ACE® all-terrain off-road vehicles; Indian Motorcycle® midsize and heavyweight motorcycles; Slingshot® moto-roadsters; and Polaris RMK®, INDY®, Switchback® and RUSH® snowmobiles. Polaris enhances the riding experience with parts, garments and accessories, along with a growing aftermarket portfolio, including Transamerican Auto Parts. Polaris' presence in adjacent markets globally includes military and commercial off-road vehicles, quadricycles, and electric vehicles. Proudly headquartered in Minnesota, Polaris serves more than 100 countries across the globe. Visit www.polaris.com for more information.
Polaris prides itself on recognizing and developing top talent to take its people and company to the next level. Competitive salary, generous benefits and a comprehensive relocation plan are just a few components of the total compensation package offered at Polaris. Are you ready to join a company where you will work hard and play hard, and be rewarded for your performance?
Polaris is an Equal Opportunity Employer and will make all employment-related decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, marital status, familial status, status with regard to public assistance, membership or activity in a local commission, protected veteran status, or any other status protected by applicable law.
Community / Marketing Title: Sr. Director, Information Security and Compliance
EEO Employer Verbiage:
Location_formattedLocationLong: Minneapolis, Minnesota US