Job Purpose and Function
This role requires a hands-on senior leader within IT, accountable for Infrastructure, Operations and Security throughout the organization. This individual will lead a team responsible for delivering highly reliable infrastructure to support our corporate offices, Retail and Wholesale businesses. This individual, through our employees and third parties, will leverage automation to drive process improvements, increase reliability and to create capacity for the team to focus on innovation.
This individual brings experience, knowledge, and future vision for transforming the I&O function including its strategy, operating model, product and service offerings. Additionally, this person will also lead the strategy and risk mitigation for Cyber Security and Risk.
As a key member of the senior IT leadership team this role contributes to the development and execution of the enterprise-wide IT strategy by ensuring reliable systems and the successful implementation of our projects on time, budget and quality to achieve the desired business outcomes.
How You'll Make an Impact (Key Accountabilities)
- Define the technology strategy, vision and roadmap for Infrastructure, Operations and Security to ensure alignment with the organization's strategy, focused on enhancing the digital business strategy.
- Identify relevant emerging technologies, introduce innovation to deliver differentiated infrastructure and operations capabilities that deliver on our brand promise and differentiates us in the marketplace – for employees and guests.
- Demonstrates and promotes a high sense of urgency in resolving store / customer facing issues while building out proactive and predictive tools to further automate and improve customer satisfaction.
- Builds trust and creates confidence with stakeholders by providing transparent and consistent reporting of KPI's.
- Develops and controls the teams annual budget needs to ensure that it's consistent with the overall strategic objectives of IT and the enterprise and is within plan while identifying opportunities to create a culture of continuous cost optimization and continuous improvement.
Specific to Infrastructure and Operations:
- Defines, develops, and manages a comprehensive and integrated IT Service Management (ITSM) landscape, leveraging best-practices, disciplines, and related toolsets.
- Establish a clear inventory management strategy to ensure we stay ahead of supply chain constraints and business needs.
- Establish standard playbooks that are maintained and executed by internal team and external partners, ensuring we operate a formal governance process to monitor effective controls. Supports periodic reviews by audit teams, compliance teams and other risk-related functions as required.
- Improves IT resilience by executing strategies that improve reliability, tolerability, and disaster recovery readiness, while balancing our risk tolerance and cost constraints.
- Drives the adoption of (and commitment towards) service improvements through a programmatic approach to continuous improvement which also measures impact and shares results.
- Establish, manage and maintain vendor accountability through KPI's and performance based outcomes
Specific to Security:
- Architect the information security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the digital ecosystem in which we operate.
- Responsible for identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives.
- Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes.
- Provide clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.
- Determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of nondigital risk areas.
- Incorporate leading practices and make it simple and seamless for our users, improve Resilience, Disaster Recovery and our ability to Manage, Detect and Respond (MDR)
What We're Looking For (Qualifications and Experience)
- Bachelor's degree from an accredited US university or a minimum of 10 years of experience in a combination of networking, engineering, architecture, project management, information security
- Minimum of at least 5 years in a senior IT leadership role
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
- Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization
- Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
- Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.]
- Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
- Project management skills: financial/budget management, scheduling and resource management
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
- Deep understanding of networking protocols (e.g., IPSEC, HSRP, BGP, OSPF, 802.11, QoS)
- Solid understanding of cloud platforms such as Azure, AWS and SaaS based applications.
- Experience with managing virtual technologies such as VMWare, Hyper-V, SAN environments and SaaS.
An ideal candidate will also have:
- Multi-Unit Retail Experience that operates 24/7/365
- Identification and maintaining a strong Managed Service Provider partner relationship.
- Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
- Experiencing building a Security Program from early stages to advanced
- Experienced in developing RFP's, RFQ's
Availability and Travel
- This hybrid role complies with our company's hybrid telework schedule. Our operating days and hours are Monday through Friday from 8:00 AM to 4:30 PM, with in-office days being Tuesday through Thursday, reserving Monday and Friday as work-from-home.
- Business needs will require periodic work obligations outside of core business hours to support the 24/7 nature of our store operations.
- This role may require occasional travel, including overnight stays for training, conferences, or other events with reimbursement available for approved accommodations and/or expenses.
Why You Should Join Wills Group
We are a $1.5 billion company headquartered in La Plata, Maryland (an easy 45-minute reverse commute from DC) with nearly 300 retail locations across the Mid-Atlantic region, including Dash In, Splash In ECO Car Wash, and SMO Motor Fuels. A family-owned company since 1926, our passion areas are in convenience retailing, fuels marketing, and commercial real estate and we pride ourselves on keeping our customers', employees' and communities' Lives in Motion.
Our Wills Group employees come to work for more than just a paycheck, but rather they come to learn, make contributions, make an impact, and feel valued as a part of our family-friendly culture. We have a work-hard, play-hard mentality that makes us a progressive company and we thrive on giving back to our community. That is what is core to our DNA.
Benefits and Perks
Are you interested in joining a certified Great Place to Work™ that invests in your development, future, and well-being? Are you looking for more than the daily grind where your day-to-day work makes an impact not only for the organization but for your community and your future? Then The Wills Group is the right fit for you.
We take pride in investing in our people's well-being, that's why we back our words with competitive total rewards packages.
Financial Wellbeing –Employer 401 (k) match (currently at 7%), health savings plan, and financial planning
Physical Wellbeing – comprehensive health, vision, and dental plans that meet the needs of our people
Paid Time Off – Vacation, Sick, Personal, and Community Engagement, Parental Leave for new Moms and Dads
Work/Life Balance – Hybrid and Flexible work environment, Employee Assistance Program, Travel Assistance, Family Life Planning
Education and Development Opportunities – 100% Tuition reimbursement to support our people's education goals, robust development programs, and certificate program assistance (up to 100% employer-paid)
Competitive Salary - competitive pay matched to DC Metro area
Wills Group is an equal opportunity employer. Wills Group does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.