|
Welcome to Gordon Food Service! We are excited that you are thinking about opportunities with us, and we have an amazing story to share. See below for a quick glance of who we are and the impact you could have on the food service industry. There's a seat at our table for you... Position Summary: The IT Security Manager will lead our Government, Risk, and Compliance (GRC) function. This critical role is responsible for developing our enterprise GRC strategy and leading a team of security professionals. The ideal candidate is both a strategic planner and a hands-on leader, capable of managing our Risk Management process, security audits and most importantly, aligning security initiatives with key business objectives.
What you will do:
GRC & Policy Leadership: Manage the enterprise-wide Government, Risk, and Compliance (GRC) strategy. Direct the creation, review, and maintenance of all information security policies, standards, and procedures to align with business goals and regulatory requirements. Risk & Vulnerability Management: Oversee the complete information security risk lifecycle, including the identification, assessment, tracking, and remediation of risks. Manage the third-party (vendor) risk program. Oversee vulnerability management program to ensure proper patch management of systems. Compliance & Audit Facilitation: Act as the primary point of contact for all internal and external information security audits. Manage and coordinate compliance activities, ensuring adherence to laws and frameworks like SOX, PCI-DSS, and various privacy regulations. Security Awareness: Oversee the development and implementation of the company-wide security awareness and training program. Security Architecture & Engineering: Oversee the technical security infrastructure for systems, networks, databases, and cloud services. Define and own the security technology roadmap, analyzing tradeoffs between usability, security, and performance. Team & Resource Management: Lead, recruit, train, and mentor the information security team. Manage the team's tactical workload and project priorities, collaborating with other IT leaders to resolve resource constraints. Stakeholder Collaboration & Reporting: Collaborate closely with IT, Legal, and business unit leaders to build strong relationships and ensure security is a business enabler. Regularly report on risk, incidents, and program maturity to executive leadership. Threat Intelligence & Research: Research and analyze current cybersecurity trends, threats, and breaches to provide guidance on best practices and proactively update internal plans and security postures. Project Delivery: Engage in GFS' SAFe agile planning activities to successfully execute both security driven projects and to work with IT partners to resolve vulnerabilities within the technology solutions they own. Security Operations & Incident Response: Partner with our Security Operations team to ensure we are focused on the most important threats to be addressed. Incident Management: When necessary, assist with the investigation, reporting, and resolution of security incidents, ensuring a timely and effective response to mitigate risk.
When you will work:
Monday to Friday, 8 am to 5 pm Hybrid schedule, with 4 days in office in Wyoming, MI and 1 day remote
What you will bring to the table:
Leadership & Team Building: Proven ability to lead, motivate, guide, and develop a high-performing team of technical security professionals. Communication & Relationship Building: Excellent verbal, written, and interpersonal communication skills. Must have the ability to build strong relationships at all levels, across all business units, and explain the business impact of complex security topics to non-technical stakeholders. Framework & Legal Knowledge: Knowledge of GRC frameworks (e.g. NIST Cyber Security Framework) and familiarity with regulatory requirements such as Sarbanes-Oxley (SOX) and PCI-DSS. Technical Security Expertise: Experience with vulnerability scanning, penetration testing, operating system internals, network protocols, security operations, incident response methodologies, and cryptography. Strategic & Critical Thinking: Must be a critical thinker with strong problem-solving skills. Possess the poise and ability to act calmly and competently in high-pressure, high-stress situations (e.g., during a major security incident). Familiarity with Security Information and Event Management (SIEM) tools preferred Strong understanding of the business impact of security tools, technologies, and policies preferred BE PART OF AN AMAZING CULTURE WHERE WHAT MATTERS TO YOU, MATTERS TO US!
Gordon Food Service values our customers and understands that their success is largely dependent upon their workforce. To demonstrate our commitment to our partnership, we will require any candidate who works for a Gordon Food Service customer to provide a letter of support from their management if they are selected for the interview process. Equal Employment Opportunity is a matter of policy at Gordon Food Service, Inc. and we are committed to a work environment in which all individuals are treated with respect and dignity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a protected veteran, or status as a qualified individual with disability. If you require reasonable accommodation for any part of the application or hiring process due to a disability, please submit your request to talent@gfs.com and use the words "Accommodation Request" in your subject line. All Gordon Food Service locations are tobacco-free. Gordon Food Service is a drug-free workplace and conducts pre-employment drug tests. |
Gordon Food Service
Nov 04, 2025