Helping families elevate the next generation through sports. A part of the DICK’S Sporting Goods family.
Director, Information Security – Technology
Location
Alaska + 7 moreAll locations: Alaska | Hawaii | Iowa | Louisiana | Montana | Oklahoma | Mississippi | South Carolina
Posted
20 hours ago
Salary
$220K - $240K / year
Seniority
Lead
Job Description
Director, Information Security – Technology
GameChanger
• Own and evolve GameChanger's multi-year security and technology strategy, including prioritization, resourcing decisions, alignment to business and parent company goals, and communication of security investments and tradeoffs to technical and executive leadership. • Lead, mentor, and grow a team of security and technology operations professionals, including setting priorities, coaching teammates, managing performance, creating opportunities for growth and impact, and creating an environment to support autonomy and ownership. • Own the direction and delivery for all key areas of information security, including product and application security, cloud security, AI security, security operations, vulnerability management, and governance, risk, and compliance functions. • Evaluate and mitigate risks across infrastructure, product, and corporate environments. • Set direction for AI security and governance as part of a secure SDLC and corporate environment, including the secure adoption of AI tooling, the security of AI-enabled product features, and AI usage governance, partnering with AI enablement and governance stakeholders across the company. • Lead the governance, risk, and compliance program, including internal assessments (for example, NIST CSF 2.0), external assessments, and clear risk reporting to leadership. • Own the security operations and incident response program for the GameChanger environment, including detection, on-call, escalation, and coordination with our parent-company security function. • Own internal technology operations, including the technology support function for our remote-first workforce and the systems and endpoints employees rely on to do their work. • Manage the BISO relationship with DSG, including decision rights, shared-services integration, and the partnership with the DSG CISO. • Lead the cross-departmental security steering committee and represent security and technology in executive forums, building alignment and buy-in for key initiatives. • Educate and influence the broader company on security principles, threats, and practices.
Job Requirements
- 10+ years of progressive experience in security, including direct people management experience leading managers and multidisciplinary security teams.
- A track record of building or significantly scaling an information security program.
- Experience acting as a strong cross-functional partner who negotiates tradeoffs and builds a durable security culture across all departments to advance security goals while enabling business results.
- Breadth across the security domains this role covers, with hands-on depth in several of: product and application security, cloud security (AWS preferred), AI security, security operations and incident response, and GRC.
- Experience leading or closely partnering with internal IT / technology operations, including endpoint management and supporting a remote-first workforce.
- Fluency with security and risk frameworks such as NIST CSF 2.0 and the NIST AI RMF, and experience leading and managing internal and external assessments.
- The ability to identify, quantify, and articulate security risk, build action plans, and drive them to completion.
- Excellent communication skills and executive presence: you can translate complex security and technology topics into business outcomes for technical teams, executives, and other stakeholders.
- Experience operating within a matrixed, parent-company, or shared-services security model is a plus.
- Experience securing consumer (B2C) platforms, particularly products serving minors, and familiarity with the associated privacy and youth-safety considerations, is a plus.
Benefits
- Work remotely throughout the US* or from our well-furnished, modern office in Manhattan, NY.
- Unlimited vacation policy.
- Paid volunteer opportunities.
- Technology stipend - $4,000 every 2 years after your start to make sure you have the latest and greatest technology.
- WFH stipend - $500 annually to make your WFH situation comfortable.
- Monthly physical, mental, wellness & learning stipend offered through Holisticly.
- Monthly lifestyle stipend offered through Fringe.
- Full health benefits - medical, dental, vision, prescription, FSA, HRA, HSA, and coverage for family/dependents.
- Retirement savings - Traditional and Roth 401K plans are offered through Vanguard, with an immediate company match.
- Life insurance - basic life, supplemental life, and dependent life.
- Disability leave - short-term disability and long-term disability.
- Company paid parental leave - up to 20 weeks for birthing parents and up to 12 weeks for non-birthing parents.
- Family building benefits offered through Progyny.
- DICK'S Sporting Goods and their family of brands teammate discount.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• The Lead Security Engineer (Cloud & Enterprise Security Engineering) is responsible for designing, implementing, hardening, integrating, and continuously improving security technologies across varied domains. • Translate security requirements into scalable and reliable technical solutions. • Engineer secure-by-default solutions, improve platform capabilities, automate security functions, and drive long-term technical maturity. • Own complex technical initiatives from design through implementation, support, optimization, and documentation. • Create and maintain actional documentation including architecture diagrams, standards, SOPs, and runbooks.
Role Description This role’s mission & overview: Camps trust Campminder to keep their data safe, and that trust is what lets them focus on running a great summer. You'll own how we protect that data end to end: - Architecting and hardening our security infrastructure - Carrying our PCI and SOC2 programs through every audit - Setting the roadmap that keeps us ahead of real threats - Being the person the engineering org comes to on security - Defining what good looks like at Campminder As a Senior Cybersecurity Engineer on our Engineering team, you will: - Manage identity and access infrastructure, including Azure conditional access, Okta SSO, and Auth0, keeping MFA and zero-trust enforced across production and internal apps - Integrate security scanning (SAST, DAST, SCA) into CI/CD pipelines and drive remediation before code reaches production - Configure, tune, and harden WAF rules across our web applications - Own vulnerability scanning and remediation using tools like Mondoo and SecurityMetrics, and administer EDR, DLP, and SIEM/XDR tooling across servers and endpoints - Manage secrets and credentials in build pipelines, including vault-based storage, rotation, and least-privilege service accounts - Execute PCI technical controls: SAQ completion, quarterly ASV scans, and disaster recovery implementation - Harden containerized and cloud-native environments, including image scanning and Kubernetes configuration - Coordinate pen testing engagements and drive remediation against SLA timelines - Run security awareness training programs (KnowBe4, Security Journey) and maintain AI usage oversight, including approved tooling, code-gen governance, and supply-chain monitoring Qualifications - 5+ years in security engineering or DevSecOps, with hands-on ownership of both pipeline-level and infrastructure-level security - Experience configuring IAM and SSO platforms (Okta, Auth0) alongside cloud-native identity controls like Azure conditional access - Comfort embedding security directly into CI/CD workflows: SAST/DAST/SCA tooling, secrets management, and policy-as-code - A track record hardening containerized and cloud-native environments, including Kubernetes and image scanning - Experience executing PCI or similar compliance technical controls (scans, SAQs, evidence prep); program ownership isn't required, but you know how to translate auditor requirements into engineering work - Familiarity administering SIEM/XDR and EDR/DLP tooling - The judgment to triage real vulnerabilities over theoretical ones, and to know when to escalate versus fix directly - Experience running or supporting security awareness and training programs - Exposure to AI tooling governance, such as MCP inventories, code-gen release gating, or supply-chain monitoring for AI-assisted development Benefits - Robust medical, dental, and vision coverage options with generous employer contributions, plus a $500 employer HSA contribution for HSA-compatible plans - Ability to choose where you work - remotely, in the office, or a mix! - A variety of resources to support mental health and emotional well-being - 12 weeks of 100% paid parental leave for all new parents, including via adoption, surrogacy, and foster care - 401(k) with 4% company matching - Trust-Based (flexible) PTO (and yes, we use it!) - $900/year wellness allowance - Company-paid subscriptions, training, and support for using AI professionally and personally Company Description We know the best people can choose to work anywhere. Here’s a few reasons why 100+ of them choose Campminder: - With 20+ years experience of serving the industry through its digital transformation, we’re stable, profitable, and have developed a loyal customer base (that continues to grow). - We build software for summer camps, an industry that enables meaningful experiences for kids. - We work on interesting, ambitious projects that create real value for our clients. - We know our team members feel their work has an impact on the organization’s purpose. - We are genuinely committed to work/life balance. - We invest in emerging technology and cutting-edge leadership and are proud to take an "AI-Enabled" approach in our solutions. - We’ve been listed on Outside Magazine’s 50 Best Places to Work for 8 consecutive years for our values-led culture and employee experience.
• Pre-sales - assist in qualifying sales leads from a technical standpoint. • Sales calls - be the main technical resource on sales calls and answer/ educate the customer on issues ranging from features, specifications and functionality to integration. • Conversant with networking applications and solutions. • Experience with virtualization, NFV and emerging SDN technologies • Post-sales - be the lead technical contact for identified accounts for technical issues and will work closely with the technical support team and engineering to answer, elevate and resolve customers technical issues. • Provide assistance to identified customers with post-sales training. • Regularly interface, provides presales support and assist in training Fortinet Channel partners in your region. • Presenting at events, seminars, customer and partner meetings • Flexible to travel. Travel will primarily be within the SEs designated region, but may also include occasional travel to other regions.
• Extensive experience in pre-sales designing and proposing secure platform solutions • Building technical security solutions, proving their viability and providing technological justifications • Design complete network, cloud and security solutions providing strong technical roadmaps • Identify technical opportunities within the field to increase pipeline growth and team prosperity • Leading proof of concept valuations, technical workshops and events • Collaborate with Account Manager to answer/ educate the customer on issues • Strategizing about future services or capabilities customers may require within your account base • Support your customer through issue resolution by collaborating with TAC and other technical resources • Build technical business relationships with key customers and partners • Regularly interface, providing technology enablement in your region • Mentor others with your expertise while collaborating with a team of industry experts



