Share this Job

Business Unit Information Security Officer

Date: Oct 13, 2021

Location: Kansas City, MO, US, 64108

Company: Hallmark

     reqid: 88626 



Come join us. You’ll add value to one of the world’s most iconic consumer brands and be part of our company with a life-affirming purpose to inspire meaningful connections. Our products, content and experiences aim to enrich all lives by making a genuine difference in every life, every day, and our business is focused on bringing the value and relevance of Diversity and Inclusion to every brand, product and person we touch.  


Our overarching enterprise D&I Framework and plans demonstrate our belief and value in having a diverse and inclusive workforce. Hallmark’s D&I efforts will continue to represent ongoing progress and reinforce our commitment, as will our intentional focus on bringing more diverse talent into our business and onto our teams. Also, Hallmark has been recognized as one of Forbes 2020 Best Employers for Diversity, Women and New Grads. 



The Business Unit Information Security Officer (BISO) is the information security officer for all services and core platforms for the Business Unit (BU).  This position will prioritize security risks across the BU and technology, as well as representing Information Security in local security matters. The BISO will be responsible for providing read-outs on efficiency of security controls over their environment & projects; acting as the security liaison between the line of business, IT and the Information Security (IS) organization.   



Key success criteria for this role include:

  • Driving security into all internal services and business unit solutions, as well as ensuring risk remediations are prioritized appropriately with system owners and management.
  •  A deep knowledge of defense-in-depth strategies required to secure data and the large-scale complex infrastructures storing and transmitting of sensitive information.  



  • Implementation of the corporate information security, data protection and privacy policies across the business.
  • Plan and manage the network architecture and compliance through direct collaboration with BU leaders, auditors and certification bodies.
  • Experience in compliance management activities for PCI-DSS and in-depth understanding of PCI-DSS requirements.
  • Coordinate regulatory compliance activities for Data Privacy.
  • Collaboration with the Information Security and Security Operations in governance of sensitive information.
  • Management and execution of 3rd party assessment activities including Pen Testing.
  • Assess and develop mitigations for system security, threats & risks.\
  • Serve as a cyber security subject matter expert (SME), coordinating and providing multi-disciplinary knowledge, skills, and experience in security architecture, and security management roles and responsibilities.
  • Provide consulting services on current and upcoming projects covering all levels of network and IT security architecture.
  • Respond to routine support requests from across the business and support development & delivery of Security and Data Protection best practice training
  • Tracking & reporting of vulnerability and patching analysis reports and management of resolution activities.
  • Provide additional security input on Architecture Review, Project Management and Change Control Boards.
  • Respond to BU queries in support of the business programs and projects.
  • Support formal investigations of misconduct in collaboration and manage responses to Information Security and Data Protection incidents and their resolution.
  • Manage and respond to Data Privacy and InfoSec support requests from across the business in coordination with Information Security.
  • Provide advice and guidance to management and BU workforce members.
  • Lead Privacy Impact Assessments on new systems and/or activities involving Personal Data, including review/development of contractual Data Protection language in collaboration with IS organization.
  • Development and delivery of Information Security & Data Privacy best practices and training.


If this sounds like the next exciting step in your career – then apply now!



You must show how you meet the basic qualifications (listed below) in a resume or document you upload, or by completing the work experience and education application fields. Accepted file types are Microsoft Word (DOC or DOCX), PDF, HTML, or TXT.

In compliance with the Immigration Reform and Control Act of 1986, Hallmark Cards, Inc. and its subsidiary companies will hire only individuals lawfully authorized to work in the United States. Hallmark does not generally provide sponsorship for employment. Employment by Hallmark is contingent upon the signing of the Employment Agreement, signing of an agreement to arbitrate in connection with the Hallmark Dispute Resolution Program, completing Form I9 Employment Eligibility Verification, passing the urinalysis drug screen, education verification and satisfactory reference and background checks.



The following is required to be considered for this role:

  • 10+ years or more of experience in Information Security, Information Assurance and/or Cyber Security




  • Advanced degree
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), CIPP, CISA, or other similar credentials.
  • 8+ years of IT security experience working in an infrastructure, programmer or security architecture position / environment.
  • High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment, prudence and maturity.
  • High degree of initiative, dependability and ability to work with little supervision.
  • Must be a critical thinker with strong problem-solving skills.
  • Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
  • Experience in the information security field designing and implementing enterprise security solutions in a global context.
  • Experience identifying risks, conducting risk assessments and recommending secure solutions.
  • Experience with security practices such as security incident response and risk management.
  • Experience of information security management frameworks, such as NIST, ISO 27001, ITIL and COBIT.
  • Accustomed to leading multiple Security & Privacy risk assessments
  • Deep and broad understanding related to security encompassing end-point technologies, applications, application hosting, physical and virtual data center hosting.
  • Experience in the design, development, implementation and operational support of mission critical solutions in large scale environments and organizations.
  • Experience with contract and vendor negotiations.

Preference will be given to local candidates



At Hallmark, we help people feel connected to what matters. That’s true of our employees, just as it is our consumers. Providing benefits that support the lives and wellbeing of Hallmarkers is among the most important investments the company makes.

Hallmark benefits are designed to give you choices. Wherever you are in life, we want you to find the benefits that are right for you and your loved ones. Explore the Hallmark Benefits Guide to learn more.

Hallmark is an equal opportunity employer.  All qualified applicants will be considered for employment without regard to race, color, religion, sex, age, pregnancy, national origin, physical or mental disability, genetics, sexual orientation, gender identity, veteran status, or any other legally-protected status.  Principals only please.


Nearest Major Market: Kansas City

Job Segment: Risk Management, Finance