This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This position offers a remote work arrangement while requiring occasional in-person attendance for business meetings and events.

This position offers a base salary range of $147,081.00 - $245,138.00 per year, depending on experience and qualifications, plus bonus based on company performance.

One of the MANY work perks at Sheetz is quarterly employee bonuses based on company performance! And there’s more – A LOT more… like competitive salaries, PTO and parental leave, 401k match and employee stock ownership, limitless professional development and growth opportunities, tuition reimbursement, full medical, vision and dental coverage, and snack discounts!

Provides strategic leadership and enterprise oversight of cybersecurity programs enterprise wide. Establishes and executes the organization’s cybersecurity strategy, governance, risk, and compliance framework to protect company systems, data, and technology assets while enabling secure business growth. Partners with executive leadership to manage cyber risk, strengthen security posture, lead incident response, and promote a security-first culture aligned with organizational objectives.

Responsibilities

• Lead the development and implementation of the organizations cybersecurity strategy, establishing cybersecurity governance, risk, and compliance (GRC) frameworks and policies.
• Proactively assess evolving cybersecurity and technology landscapes to stay ahead of emerging threats.
• Facilitate the execution of growth and technology strategies by ensuring that technology adoption is resilient and secure.
• Conduct internal assessments of compliance with cybersecurity policies and advise executive management on cybersecurity risk.
• Act as the primary liaison for external audits and coordinates logistics, access, and response with third-party auditors.
• Develop cybersecurity capabilities and talent in relation to emerging threats, laws and regulations, and organizational goals.
• Build relationships with senior business decision makers and engage to collaboratively define the risk appetite for the organization.
• Lead cybersecurity incident response (IR), including engagements with third-party entities and law enforcement.
• Responsible for the effective use of cybersecurity assets and manages the cybersecurity budget.
• Foster a security-aware culture collaborating with senior leaders to establish cybersecurity champions across the organization.

Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field required.
• Master’s degree in Information Security, Business Administration, or related discipline preferred.
• Minimum 10 years of progressive experience in cybersecurity, information security, or IT security required.
• Minimum 5 years of leadership or supervisory experience required.
• Experience leading enterprise cybersecurity programs, incident response, and risk management initiatives required.
• Experience in retail, multi-site operations, or highly distributed environments preferred.
• Experience presenting to executive leadership and board-level stakeholders preferred.
• Certified Information Systems Security Professional (CISSP) preferred.
• Certified Information Security Manager (CISM) preferred.
• Certified Information Systems Auditor (CISA) preferred.
• Certified in Risk and Information Systems Control (CRISC) preferred.
• GIAC certifications or equivalent preferred.
• Cloud security certifications (CCSP, AWS Security, Azure Security) preferred.
• General Office Equipment.

Accommodations

Sheetz is committed to the full inclusion of all qualified individuals. Sheetz is committed to considering all applicants regardless of disability who can perform all essential job duties with or without accommodations.