Gallo Privacy Policy

We are GALLO

We're a family-owned company with a 90+ year legacy, that's consistently recognized as a Glassdoor "Best Places to Work." We have 130+ brands in our total alcohol beverage portfolio including wine, malt, spirits, and ready-to-drink beverages. We're home to the #1 wine and spirits brands in the U.S. - Barefoot Wine & High Noon and are the official sponsors of the NFL, NHL, UFC, and PGA TOUR.

View our Corporate Values and Mission Statement here.

Location - This position will be based in our Modesto office with an option for occassional telecommuting. You will be expected to live within a commutable distance.

Are you passionate about driving security initiatives and ensuring the resiliency of information assets against threats? We are seeking a dynamic leader to join our team as an Information Security Manager. In this role, you will be responsible for aligning security measures with industry standards, organizing critical information, and measuring outcomes to protect our assets effectively. Your ability to build strong partnerships across the company will be key in maturing our program and minimizing regulatory and compliance concerns.

As the Information Security Manager, you will manage a dedicated team, overseeing their development and performance to ensure compliance with ITGCs, PCI, GDPR, CCPA, and other relevant regulations. You will also collaborate with Internal Audit and external consultants to maintain audit compliance and attestation. Your role will involve continuous review and updating of our information security policies to ensure their effectiveness and compliance with all applicable laws.

You will be instrumental in managing our Information Security Risk Assessment Program, including project risk assessments, vendor security assessments, and new technology assessments. Additionally, you will oversee third-party System and Organization Controls (SOC) reports and manage our Information Security Awareness Program. Creating data flows, data maps, and business process mapping will be part of your responsibilities.

We are looking for someone with strong leadership skills to implement successful strategies and drive projects to completion within budget and on schedule. You will need to balance planning efforts with day-to-day demands and ensure your team adheres to established best practices. Compliance with quality, environmental, and safety regulations is a must.

The ideal candidate will exhibit intrapreneurship and ownership behaviors, taking bold initiatives, learning from mistakes, driving candid discussions, and holding themselves and others accountable. You will develop, coach, and mentor your team, conducting performance evaluations, managing salary adjustments, rewarding employees, or taking disciplinary actions as necessary.

If you are ready to take on a challenging yet rewarding role that impacts the entire organization, we would love to hear from you. Join us in our mission to enhance our cybersecurity posture and protect our information assets effectively.

Minimum Qualifications:

•  Bachelor's degree plus 5 years of experience in information security, information systems, or system administration reflecting increasing levels of responsibility; OR High School diploma or State-issued equivalency certificate plus 9 years of experience in information security, information systems or system administration reflecting increasing levels of responsibility; OR Bachelor's degree in Computer Science, MIS, Math, Engineering, or Business Administration plus 4 years of experience in information security, information systems, or system administration.
•  Required to travel to company offices, sites, and/or meeting locations for onboarding, training, meetings, and events for development, department needs, and business delivery up to 5% of the time, with or without reasonable accommodation. This may be in addition to travel requirements, if applicable, as listed in this job description.
•  Required to be 18 years or older. This may be in addition to other age requirements, if applicable, as listed in this job description.

What Will Set You Apart:

•  Master's degree.
•  Certified Information Systems Security Professional (CISSP) or equivalent Information security certification.
•  7 years of experience managing a 24x7 support organization including staffing, service level management and L1 support for all facets of IT.
•  5 years of experience managing out-sourced and cloud services vendors and associated contracts.
•  Demonstrates a passion for security and leads by example to foster continued growth and expertise within the team.
•  Authoritative knowledge of generally accepted security policies/frameworks and audit requirements as well as extensive experience with related technologies to ensure that compliance.
•  Proven experience successfully leading cybersecurity initiatives, specifically within Risk Management.
•  Experience reading, analyzing and interpreting common scientific and technical journals, financial reports and legal documents. Experience responding to common inquiries or complaints from customers, regulatory agencies or members of the business community.
•  Skilled at writing speeches and articles for publication that conform to prescribed style and format. Experience effectively presenting information to top management, public groups and boards of directors.
•  Computer skill requirements include basic MS Access; intermediate MS Word, Excel and PowerPoint.
•  Excellent communication skills to clearly communicate security recommendations, decisions, and to build and maintain security relationships across the enterprise
•  Skilled in applying principles of logical or scientific thinking to a wide range of intellectual and practical problems.
•  Experience dealing with a variety of abstract and concrete variables.
•  Experience working with all levels and functions within the Company.
•  Skilled in resolving conflict as well as manage ...