
## Director, IT Security

locations: Waterloo, Wisconsin
time type: Full time
posted on: Posted Yesterday
job requisition id: Trek113982

**Job Description**

## Role Summary

Join Trek as the Director of IT Security and lead the strategy that protects one of the most recognized brands in the cycling industry. In this role, you will own the global information security program and guide a talented team responsible for securing our retail, ecommerce, manufacturing, distribution, and corporate environments. You will define and execute a multi‑year security roadmap, strengthen operational resilience, and advance Trek's Zero Trust posture. You'll partner across IT and the business to embed security into engineering, architecture, and delivery, and empower teams to move fast while keeping data, systems, and riders safe. If you thrive in a role that blends strategy, technical depth, and hands‑on leadership, this is your opportunity to shape the future of security at a global, innovation‑driven organization.

## Key Responsibilities

* Define and maintain a multi-year security strategy and roadmap (including Zero Trust and measurable outcomes).
* Own security governance: policies, standards, risk decisions, and the policy exception process (including expiration and renewal).
* Lead security operations (monitoring, triage, incident response, and post-incident learning) and ensure effective on-call and service queue coverage.
* Oversee centralized logging, correlation, and alerting; continuously tune detections and automate response with SOAR where appropriate.
* Drive risk-based vulnerability management oversight in partnership with Infrastructure and Application Development; prioritize remediation based on business impact.
* Own identity and access management governance, including Conditional Access and privileged access controls.
* Oversee application security practices and tooling integration (SAST/DAST and secure delivery guardrails) with Application Development and QA teams.
* Lead vendor and third-party security assessment governance in collaboration with IT Procurement and business owners; track remediation and risk acceptance.
* Partner with Internal Audit and stakeholders to ensure audit-ready evidence for key security controls (UARs, vendor assessments, IR, exceptions).
* Define security architecture patterns and guardrails for on-prem and cloud services; influence design reviews and operational readiness.
* Manage security tooling strategy and lifecycle planning, maximizing value from platforms and licenses.
* Coach and develop security staff; establish operating rhythms, metrics, and executive reporting.
* Perform other duties as assigned.

## Required Qualifications

* 10+ years in IT and/or cybersecurity with progressive responsibility, including leading enterprise security initiatives.
* Demonstrated experience owning an information security program (strategy, governance, operations, metrics, and reporting).
* Strong technical fluency across identity, endpoint, network, SaaS, and cloud security controls, plus incident response practices.
* Holds two or more relevant certifications (e.g., CISSP, CCSP, CISM, SANS GSTRT or equivalent).
* Experience with risk assessment, audit support, evidence collection, and communicating risk to technical and executive stakeholders.
* Experience with third-party/vendor security assessments and risk-based decision-making.

**Trek Benefits:**

* Flexible and fun company culture
* Competitive health care
* PPO & HDHP medical plan options, Dental insurance, Vision insurance
* Flexible Spending Accounts (FSA)
* Free life insurance & optional term life insurance
* Competitive vacation package
* 401(k) with match and Employee Stock Ownership Plans (ESOP)
* 12 weeks of maternity leave with 100% pay
* Flexible holiday schedule – 10 company holidays
* Tuition Reimbursement up to $15,000! (Undergraduate & Masters programs)
* Employee discounts on all product
* Deep partner retail discounts

We are an Equal Employment Opportunity (“EEO”) Employer. Trek strictly prohibits discrimination on the basis of race, color, creed, religion, gender, gender identity, pregnancy, marital status, partnership status, sexual orientation, age, national origin, veteran or military status, disability, medical condition, genetic information, or any other characteristic prohibited by federal, state and/or local laws.
This policy applies to all aspects of employment, including hiring, promotion, demotion, compensation, training, working conditions, transfer, job assignments, benefits, layoff, and termination.
We are an E-Verify employer. For more information, please click on the following links:
E-Verify Participation Poster:
E-Verify Right to Work Poster:
Trek is a place where you’re valued for being you. If you’re really into bikes, that’s great. If you’re not (yet), that’s great too. Because there’s a lot more to Trek than bikes. Every person has a unique history and life experience to bring to the table. We respect that. It’s what makes us who we are. Trek was named to
Learn more of why Trek is one of the top