Share this Job

Information Security Manager - Governance, Risk & Compliance

Location: Modesto, CA, US Austin, TX, US Lansing, MI, US Cheyenne, WY, US Dallas, TX, US Alexandria, VA, US Houston, TX, US Orlando, FL, US

Date: Sep 2, 2021

Company: E. & J. Gallo

Why Gallo?

With a global portfolio of over 100 unique wine and spirits brands, we are the largest family-owned winery in the world. Apply Today! Our Brands. Your Future.

Remote Opportunity - This position can be remote for the right individual.


As  a Manager of Information Security Governance, Risk and Compliance you will drive consistent, repeatable results by aligning security initiatives with industry controls, organizing information and evidence, measuring outcomes, and ensuring information assets are protected at appropriate levels for resiliency to threats. You will have the opportunity to build strong partnerships across the company and influence others in order to mature the program and minimize regulatory and compliance concerns. Ensures key cybersecurity risks are identified, assessed, communicated, driven to tolerance and monitored. Leads a team responsible for building and deploying effective policies, processes and controls across various technologies, systems, applications and business operations in the enterprise.


What You Will Do:

  • Manages the analysis of detailed specifications and business requirements.
  • Manages an information security team, consisting of direct reports and indirect reports (such as individuals in business continuity and IT operations). This includes hiring, training, staff development, performance management and annual performance reviews.
  • Plan, prioritize, and manage resources to ensure compliance with ITGCs, PCI, GDPR, CCPA, and other applicable regulations.
  • Work with Internal Audit and outside consultants as appropriate for audit compliance and attestation
  • Review and update the organization’s information security policies and standards to ensure continued effectiveness and compliance with applicable Federal, State, and local laws.
  • Develop and communicate operational status reports, performance analysis, and ad hoc reporting requirements for internal and external customers.
  • Manage the Information Security Risk Assessment Program including project risk assessments, vendor security assessments and new technology assessments.
  • Review and manage third party System and Organization Controls (SOC) reports.
  • Manage the Information Security Awareness Program.
  • Manage the creation of data flows, data maps, and business process mapping.
  • Assigns, monitors and reviews the progress and accuracy of assigned work.
  • Prepares Project Request and Purchase Requisition documents.
  • Prepares and presents activities and progress reports regarding the department's projects and ongoing operations.
  • Acts as a liaison with information systems department staff and other departments to coordinate activities.
  • Directs and coordinates activities of project personnel to ensure project progresses on schedule and within prescribed budget.
  • Implements a successful vision/strategy, through strong leadership skills.
  • Develops and recommends changes to systems, policies, and procedures; ensures timely and accurate implementation.
  • Participates in department and interdepartmental planning and management teams and works cross-functionally to improve processes within the organization.
  • Ensures adherence to budgets and may develop the operating budget and capital spending plan.
  • Identifies and obtains staff capabilities needed to accomplish organizational directives.
  • Monitors and ensures achievement of performance goals and objectives either directly or through subordinate staff.
  • Balances planning efforts with day to day demands.
  • Ensures employee conformance to established best practices and proper training of staff.
  • Responsible for understanding and complying with applicable quality, environmental and safety regulatory considerations. If accountable for the work of others, responsible for ensuring their understanding and compliance.



Supervisory Responsibilities:

  • Develops, coaches and mentors peers, indirect and subordinate staff.
  • If accountable for the work of others, conducts performance evaluations; reviews and communicates salary adjustments; rewards employees or takes disciplinary action, as necessary; addresses complaints and resolves issues.


What You Will Need:

  • Bachelor's degree plus 5 years of experience in information security, information systems, or system administration reflecting increasing levels of responsibility; OR High School diploma or State-issued equivalency certificate plus 9 years of experience in information security, information systems or system administration reflecting increasing levels of responsibility; OR Bachelor’s degree in Computer Science, MIS, Math, Engineering, or Business Administration plus 4 years of experience in information security, information systems, or system administration.


What Will Set You Apart:

  • Master’s degree.
  • Certified Information Systems Security Professional (CISSP) or equivalent Information security certification.
  • 7 years of experience managing a 24x7 support organization including staffing, service level management and L1 support for all facets of IT.
  • 5 years of experience managing out-sourced and cloud services vendors and associated contracts.
  • Demonstrates a passion for security and leads by example to foster continued growth and expertise within the team.
  • Authoritative knowledge of generally accepted security policies/frameworks and audit requirements as well as extensive experience with related technologies to ensure that compliance.
  • Proven experience successfully leading cybersecurity initiatives, specifically within Risk Management.
  • Experience reading, analyzing and interpreting common scientific and technical journals, financial reports and legal documents. Experience responding to common inquiries or complaints from customers, regulatory agencies or members of the business community.
  • Skilled at writing speeches and articles for publication that conform to prescribed style and format. Experience effectively presenting information to top management, public groups and boards of directors.
  • Computer skill requirements include basic MS Access; intermediate MS Word, Excel and PowerPoint.
  • Excellent communication skills to clearly communicate security recommendations, decisions, and to build and maintain security relationships across the enterprise
  • Skilled in applying principles of logical or scientific thinking to a wide range of intellectual and practical problems.
  • Experience dealing with a variety of abstract and concrete variables.
  • Experience working with all levels and functions within the Company.
  • Skilled in resolving conflict as well as manage customer expectations.

Gallo does not sponsor for employment based visas for this position now or in the future

To view a full job description, please click here.

Requisition ID: 82701 




Gallo is an Equal Employment opportunity and Affirmative Action Employer. We do not discriminate on the basis of race, traits historically associated with race, including but not limited to, hair texture and protective hairstyles (such as braids, locks, and twists), color, national origin, ancestry, creed, religion, physical disability, mental disability, medical condition as defined by applicable state law (including cancer and predisposing genetic characteristics in California), genetic information, marital status, familial status, sex, gender, gender identity, gender expression, pregnancy, childbirth or related medical conditions, sexual orientation (actual or perceived), transgender status, sex stereotyping, age, military or veteran status, domestic violence or sexual assault victim status, or any other basis protected by applicable law. 


We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gallo is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process.
If you need any assistance or accommodations due to a disability, please let us know at 209.341.7000.


Nearest Major Market: Modesto

Job Segment: Risk Management, Compliance, Law, Manager, Internal Audit, Finance, Legal, Management