Director IT Security and Infrastructure
1400 Park Roasting Plant, United States
Full Time Executive-level / Director USD 180K - 230K
Peet’s Coffee
Since 1966, Peet's Coffee has sourced and offered superior coffees and teas adhered to strict high-quality and taste standards. Shop online today.
Peet’s is seeking a Director of IT Security and Infrastructure to be part of the team that drives concept, design, and development of our on-premise and cloud-based technology infrastructure. This role is responsible for strategy, design, build and operations and will focus on delivery of highly reliable and scalable technology components to meet the needs of our business.
Reporting to the Peet’s SVP CTO, this IT senior leader is on point to ensure all parts of local and enterprise technology execution are delivered with high quality, security and positive results. The Director IT Security and Infrastructure will assist business partners in determining how to achieve business results quicker and more effectively through technology while maintaining a comprehensive security strategy that ensures we protect our people, customer, and company information assets to the fullest extent. This individual is responsible for understanding business direction and needs, to drive formulation of solutions and roadmaps, providing insights to technical solution capabilities, leveraging internal solutions and investigating external solutions and partner capabilities.
Responsibilities
Strategy & Planning
- Lead the infrastructure strategy planning activities, bringing a current knowledge and future vision of infrastructure technology and systems and best practices (e.g. ITIL) as related to the needs of the business
- Create infrastructure roadmaps in collaboration with business and IT leaders – from SVPs to Managers.
- Leverages cloud-based technology strategies as a mechanism to deliver infrastructure services faster at a lower cost.
- Takes a leadership role in shaping technology shared services aligned to the strategic direction of the company across Peet’s multiple business units.
- Responsible to stay abreast of industry and technology trends that impact or support business partners.
- Develop and implement forward-thinking improvements that enable IT's ability to deliver more, faster, and with a higher degree of quality and business value by collaborating with the entire IT Leadership Team.
Information Security
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
- Facilitate information security governance through implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board.
- Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices.
- Create, communicate and implement a risk-based process for vendor risk management, including assessment and treatment for risks that may result from partners, consultants and other service providers.
- Develop and manage information security budgets and monitor them for variances.
- Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
- Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders through the enterprise on identifying acceptable levels of residual risk.
- Provide periodic reporting on the status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.
- Create a framework for roles and responsibilities regarding information ownership, classification, accountability and protection.
- Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
- Liaise with the JDE Peets global security and enterprise architecture teams to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
- Coordinate information security and risk management projects with resources from the IT organization and business unit teams.
- Create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
- Ensure that security programs are compliant with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
- Liaise among the information security team and Peet’s corporate compliance, audit, legal and HR management teams as required.
- Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
- Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event, and provide direction, support and in-house consulting in these areas.
- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
Financial Discipline and Vendor Management:
- Identifying the right balance of in-house versus professional services consultants to meet the demand for services
- Negotiate favorable software and professional services contracts with reputable vendors
- Manage complex and rapidly changing budgets
- Drive effective governance and engagement with partners and suppliers to ensure cost effectiveness and timely deliverables
- Analyzes and predicts trends and develops long-range plans designed to maintain the cost effectiveness and competitiveness of the corporate technology infrastructure
- Keep informed of issues and risks across all technology organizations, anticipate impact, and mitigate risks
Relationship Management
- In conjunction with other members of the IT Leadership Team, be a trusted advisor to internal leaders by seeing the big picture and translating business strategies into actionable technology roadmaps and project plans.
- Responsible for effective stakeholder management – to create positive relationships through management of expectations and agreed upon objectives.
- Ensures/participates in development of business cases, requirements, and documentation in support of proposed and approved business initiatives in collaboration with business stakeholders and key business users
- Provides the IT Leadership Team insights to the needs and concerns of shared infrastructure.
- Establish and manage senior level technical relationships with strategic vendors to feed the innovation process as well as ensure global delivery of initiatives.
- Prepare strategies to increase existing and new businesses and identify appropriate vendors for all projects and manage communication for all projects.
- Administer and approve all final deliveries and improvements into production operation
- Assist business leads to review all financials of projects and analyze all key business metrics.
Operational Management
- Leads and promotes effective teamwork and manages the resolution of interpersonal issues, serving as a point of escalation.
- Establish and maintain appropriate operational tools, monitoring methods and site metrics, and reporting to determine and track needs and trends for support, issues, and capacity
- Drive a customer service mindset measuring success using goals and metrics and infrastructure service levels for the Company’s enterprise-wide user community
- Establish a culture of engineering excellence while maintaining a strong focus on security and operational quality
- Leads and manages the architecture, design and implementation of the servers and network infrastructure to provide a 24x7 operation with low latency, high-availability systems
- Is accountable for orchestrating and delivering 24x7 operational support for mission critical systems.
- Coordinates closely across IT functional areas that are supporting business operations – stays aware of and actively manages, when necessary, production issues, project status, delays, etc.
- Demonstrates an in-depth knowledge of IT and the service catalog and assigned departments/business partners to identify and communicate how IT infrastructure solutions can support the achievement of short- and long-term business goals.
Team Building
- Develop high performing infrastructure professionals through ongoing opportunities for professional development, mentorship, and coaching
- Share knowledge and best practices within the corporate infrastructure team, as well as broadly within the organization to ensure that Peet’s technology infrastructure management is highly effective and valued
- Scale the infrastructure team, ensuring we have the right resource allocation, ratio of support and subject matter experts
- Be an inspirational leader who can attract and retain quality people globally to the organization and develop these individuals into a cohesive team
Critical Skills & Behaviors for Success
Results-orientation:
- Gets things done, with both a short and long-term view in mind
- Pragmatic and outcome-oriented, leveraging data to make decisions
- Thrives in a fast paced, agile environment with exceptional organizational skills and ability to re-prioritize on a consistent basis
- Exemplary planning and organizational skills, along with a high degree of detail orientation
- A hands-on and adaptable leadership style with commitment to driving results
Thought leader who can scale a business:
- Thought leader for peers, clients, as well as team, getting to root causes of issues
- Can play “high and low”, operating at both a strategic and tactical level as needed
- Strong presenter, demonstrating the aptitude of communicating clearly and effectively to upper management and all levels across departments
Collaboration focus in all interactions:
- Provide coaching and learning opportunities to teams ensuring leading edge practices
- Influential to executives, colleagues, and peers coming from a “we” orientation
- Highly collaborative with the ability to build trusting relationships across a diverse and potentially global workforce.
Essential Skills/Knowledge:
- Ability to communicate clearly and concisely
- Broad fundamental innovation and business development knowledge
- Considerable people management skills; capable of acting as leader, advisor, mentor, and coach
- Strong strategic vision in areas of business, development and innovation
- Exceptional analytical and critical thinking skills
- Significant business and stakeholder relationship building experience
- Responsiveness to change and leads as a change agent
Essential EQ/IQ Requirements:
- Contributes as an integral part of the senior management team of the organization
- Accepts change and is flexible, focusing on action and outcomes
- Makes complex decisions for tough problems; embraces collaboration and teamwork
- Thrives within a fast-paced work environment; perseveres with tenacity
- Manages multiple projects, separating mission critical from the non-strategic with minimal supervision
- Fearless in tackling issues and challenges as they arise; doesn’t avoid confrontation
- Understands the importance of the position for the success of the business
- Embraces a spirit of hospitality with fellow employees and external members
- Demonstrates respect and promotes a supportive environment
- Intellectual horsepower and curiosity (highly analytic and strategic)
Qualifications
Skills and Professional Requirements
- Bachelor’s degree in computer science, engineering, information systems, business, or a related discipline is required; A master’s degree is highly desirable
- 12+ years of relevant professional experience, with a minimum of 10 years in a leadership role with direct technical responsibility for infrastructure and security management
- A minimum of 7 years of experience leading a team of up to 8 direct reports and 25+ individuals either direct, matrixed, or contract/managed services.
- Experience deploying best in class infrastructure and security methodologies including high availability and agile innovation in a consumer-facing / consumer service industry / manufacturing (particularly hospitality or retail) or high-volume professional services desirable.
- High level of technical understanding and competence across multiple intersecting disciplines to be able to quickly analyze situations, correlate ideas, and make decisions on issues and resolutions.
- Experience creating infrastructure as “a center of expertise” and “as a service”
- Track record of regular interaction with senior-level executives
- Expertise in negotiating complex contracts and managing outsourcing service agreements, including design and tracking of Service Level Agreements (SLAs).
- CISSP certification is a plus
- Expertise in PCI, SOX, and HIPAA security requirements and the certification process for each.
- Experience with Cisco, Juniper, Palo Alto Networks, Meraki, Trustwave, Microsoft and their network security technology capabilities.
- Experience with Operational Technologies (OT) in a manufacturing environment
- Direct experience with endpoint detection and response providers
- Direct experience with cloud-based SIEM providers
- Experience with identifying and selecting security technologies to enable best in class security capabilities.
- Experience with PCI-DSS, ITIL, Agile, Sarbanes-Oxley Technology Controls, NIST CSF and ISO27001
- Experience in datacenter and office network designs using current best practices and tools, including major cloud providers such as AWS, Azure and Google Cloud.
- Knowledge of DevOps principles and practices highly desirable
Peet’s Home Office is a Hybrid worksite, which requires any Home Office employees who are Directors and above to work onsite a minimum of 4 days/week (Emeryville, California).
At Peet’s we hire the best people and are committed to supporting our employees and rewarding them for their work. The target annual base salary range for this position is $180,000- $230,000. The actual base salary offered depends on a variety of factors, which may include, as applicable, the applicant’s qualifications for the position; years of relevant experience; specific and unique skills; level of education attained; certifications or other professional licenses held; other legitimate, non-discriminatory business factors specific to the position; and the geographic location in which the applicant lives and/or from which they will perform the job. Peet’s offers a generous benefits package to full-time employees, which includes comprehensive health, dental and vision plans; a superior 401(k) plan, various paid time off programs; employee discount/perks; life insurance; disability insurance; flexible spending accounts; and an employee referral bonus program.
Tags: Agile AWS Azure CISSP Cloud Compliance Computer Science DevOps EDR GCP Governance HIPAA ISO 27001 ITIL IT infrastructure Monitoring Network security NIST Risk assessment Risk management Security strategy SIEM SLAs SOX Strategy Vendor management
Perks/benefits: Career development Flex vacation Health care Insurance Salary bonus Team events