Welcome to NASCAR! At NASCAR you will find a community of
passionate individuals who care about the sport and are united in
seeing it grow.
NASCAR® and its marks are trademarks of the National Association
for Stock Car Auto Racing, LLC
Copyright © 2020 NASCAR Digital Media, LLC. All rights
NASCAR.com is part of the NASCAR Digital Media Network.
The National Association for Stock Car Auto Racing (NASCAR) is
the sanctioning body for the No. 1 form of motorsports in the
United States and owner of 16 of the nation’s major motorsports
entertainment facilities. NASCAR consists of three national series
(NASCAR Cup Series™, NASCAR Xfinity Series™, and NASCAR Gander RV &
Outdoors Truck Series™), four regional series (ARCA Menards Series,
ARCA Menards Series East & West and the NASCAR Whelen Modified
Tour), one local grassroots series and three international series.
The International Motor Sports Association™ (IMSA®) governs the
IMSA WeatherTech SportsCar Championship™, the
premier U.S. sports car series. NASCAR also owns Motor Racing
Network, Racing Electronics, Americrown Service and ONE DAYTONA.
Based in Daytona Beach, Florida, with offices in eight cities
across North America, NASCAR sanctions more than 1,200 races in
more than 30 U.S. states, Canada, Mexico and Europe. For more
information visit www.NASCAR.com and www.IMSA.com
, and follow NASCAR on Facebook , Twitter ,
Instagram , and Snapchat (‘NASCAR’)
Job Description NASCAR seeks a talented professional to join in
the position of Director of Information Security. This positionis
responsible for providing technical leadership around NASCAR's
Information Security Practice. The selected candidate is a hands-on
management; responsible for development, implementation and
management of information security for this enterprise.
Collaborative leader is number one requirement.
The selected candidate is expected to be able to act in
leadership roles and interface with a variety of team members
throughout the organization. The candidate will lead a team of
security specialists focused on Technology compliance and
Technology security. Candidate is expected to be highly experienced
in Systems Administration Practices, Software as a Service
Applications and Compliance Management of SOX, PCI DSS, FRCP, PII
(including HIPAA) and others.
Organization: Information Security
Reports to Vice President Enterprise Technology and directs the
teams and functions of incident response, operations, engineering,
identity and access management, and application security;
establishes the information security strategy and develops roadmaps
to help mitigate information risk.
Essential Duties and Responsibilities include the following:
Information Security Expert
Serve as an internal information security consultant to the
organization monitoring advancements in information security
Monitor changes in legislation and accreditation standards that
affect information security. Stay abreast of the latest thinking,
technologies, and security literature.
Initiating, facilitating, and promoting activities to foster
information security awareness within the organization.
Ability to lead a team of direct reports responsible for Access
Administration and Security Analyst functions.
Ability to lead cross functional teams from Human Resources,
Legal, Marketing, Technology and others in the management of day to
day activities associated with Information Security.
Ability to lead cross functional project teams in the
fulfillment of a project initiative.
Responsible to work with broad team to complete annual PCI
compliance and certification process.
Point of contact for cyber liability insurance carrier. Work
closely with our Risk team to stay aligned to renewals, changes,
Prepare key management reporting relating to the state of IT
security for quarterly NASCAR audit committee updates.
Accountable for management of annual NASCAR security awareness
Prepare the annual operating and capital budget for IT Security.
Review monthly expenses and ensure forecasting is accurate
representing anticipated spend.
Lead the IT Security Compliance Steering committee. Engage the
committee on relevant IT security concerns that may impact
Secure Systems Management
Ability to plan and organize work consistent with the strategic
goals of NASCAR.
Identify priority activities and assignments and to ensure the
effective monitoring and implementation of work plans.
Reviewing all system-related information security plans
throughout the organization's network.
Monitoring and reporting of IT security events, incidents, and
Ensure the integrity of host computers, servers, databases,
laptops, firewalls and other devices for secure data transfer.
Troubleshoot and repair information security tool
Assist efforts to determine information security frameworks,
requirements, direction and system recommendations.
Maintain existing capabilities, make recommendations and
implement appropriate up to date security technologies such as
encryption, anti-virus software etc. as needed.
Configure existing technologies in an effort to solve
Internal Control Management
Monitor internal IT control systems to ensure that appropriate
information access levels and security clearances are
Performing information security risk assessments and serving as
the internal auditor for information security processes.
Perform annual penetration testing and risk assessments against
assets and processes. Disaster Recovery/Business Continuity
Assist in preparing the organization's disaster recovery and
business continuity plans for information systems. Policy and
Documenting the information security policies and
Implementing the organization's information security policies
Monitoring compliance with the organization's information
security policies and procedures among employees, contractors,
alliances, and other third parties, and referring problems to
appropriate department managers or administrators.
Compile, deliver, and maintenance of security/compliance
documentation for internal and external consumption.
Additional responsibilities as assigned by management.
Directly supervises assigned staff. Carries out supervisory
responsibilities in accordance with the organization's policies and
applicable laws. Responsibilities include interviewing, hiring, and
training employees; planning, assigning, and directing work;
appraising performance; rewarding and disciplining employees;
addressing complaints and resolving problems.
Education and/or Experience
Bachelor’s degree (B. A.) from four-year college or university;
or one to two years related experience and/or training; or
equivalent combination of education and experience.
10 or more years of experience in Information Security with
minimum of 7 years leadership experience.
Excellent coaching, management, technical, and analytical
Ability to plan, direct and control security programs and
Quick and effective assessment and judgment skills.
Experience with Auth0 and AlertLogic a plus
Experience with Splunk a plus
Experience with PaloAlto a plus
Experience with ServiceNow a plus
Able to work independently and consultatively to interpret and
apply rules, regulations, policies and procedures.
Demonstrate current knowledge of industry trends, standards and
Excellent oral, written and communication skills is important in
collaborating with colleagues and other teams across the NASCAR
Ability to handle stress and work under pressure with
Ability to meet deadlines, self-motivated and self-managed.
Ability to present to large groups and executive leadership
Strong Technical Skillsets
Competent with IDS/IPS systems operations
Competent with Application and Infrastructure Scanning
Competent with Data Loss Prevention Products
Competent with Internet Filtering Products
Competent with Identity Management Solutions
Competent with Security Log Management Solutions
Capable of performing organization Information Systems Risk
Capable of performing organization Attack and Penetration
Capable of coordinating Sarbanes Oxley Act Compliance
Capable of coordinating Payment Card Industry Compliance
Capable of coordinating Health Insurance Portability and
Accountability Act Compliance Management
Capable of coordinating Litigation Data Preservation Actions in
accordance with the Federal Rules of Civil Procedure and associated
Capable of coordinating compliance actions associated with other
compliance regulations Professionalism
Professional competencies in computer engineering or related
field of work
Conscientious and efficient in meeting commitments, observing
deadlines and achieving results
Able to work independently with minimum supervision
Capable of preparing reports and papers on technical issues
Proven analytical skills to arrive at sound conclusions when
dealing with complex issues
Ability to contribute to the development of policies and to
interpret procedures and guidelines Communication
Excellent skills in communicating with people from different
backgrounds and technical abilities
Ability to communicate to Executive Leadership
Ability to communicate complex technical items to non-technical
individuals in a succinct and clear fashion Customer
Skillful in identifying customer needs and establishing and
maintaining effective relationships with internal and external
Certificates, Licenses, Registrations
Requires one of two industry recognized certification
credentials: Certified Information Systems Security Professional
(CISSP) or Certified Information Security Manager (CISM)
We are a company unlike any other. At NASCAR, you will find a
community of passionate individuals who care about the sport and
are united in seeing it grow. We want you to bring your experience,
skills and passion to our close-knit, high-energy environment in
which our employees thrive and where you can prosper. We know the
key to our success is our employees and we offer highly competitive
salaries, a solid benefits package focused on wellness, and
opportunities for you to grow and develop both personally and
professionally. It won’t take you long to find out that you are on
the right track here at NASCAR!
NASCAR is committed to fostering a diverse work environment
where all employees feel valued and empowered. NASCAR is an Equal
Opportunity Employer (EEO). We seek to attract and retain the best
qualified people available. All qualified applicants will receive
consideration for employment without regard to race, color, gender,
gender identity and expression, age, national origin, disability,
religion, sexual orientation, genetic information, pregnancy,
veteran status or any basis that is protected by applicable law
except where a bona fide occupational qualification exists.
Follow us on Twitter @NASCARJobs to stay current
on all of our openings.
Sorry the Share function is not working properly at this moment.
Please refresh the page and try again later.