The Company

Wolfe, LLC, is an e-commerce company, located in Pittsburgh, PA, focused on next-generation gifting business models.

We are well known for being the company that started the first coupon website in 1995 which sold to a public company in 2000, at the peak of the dot-com era, when we were delivering 20 million page views per month.

We then built Direct Response Technologies; grew it to 70 employees; and sold it to Digital River in 2006. We spun off Jambo Media with our tech team and sold it to Undertone in 2012.

We built and focused on GiftCards.com and in 2016 sold it to Blackhawk Network with over 100 employees.

Today, our current focus is Gift Card Granny, PerfectGift, and GiftYa. We have grown from 25 employees / contractors in 2019 to over in 2022. We are experiencing triple digit growth year over year for 3 years, thankfully. Our organization is committed to a positive work environment, and we prioritize our culture to continue to facilitate our high performance as a cohesive culturally enlightened team. We use OfficeVibe, Bonusly, and other leading tech tools to ensure our initiatives are effective.

Company and Executive Team Recognitions:

• 2022 First place - Fast 50 Growing Companies Pittsburgh, Pittsburgh Business Times
• 2020 Best Places to Work by the Pittsburgh Business Times
• 2019 Carnegie Science Award Recipient, Entrepreneur Category
• 2017 Outstanding Entrepreneur Award Winner by the Pittsburgh Venture Capital Association
• 2015 Business Times Diamond Award Winner
• 2015 Business Ethics Award Winner
• 2015 Create Award Winner
• 2015 CEO of the Year Winner Pittsburgh Technology Council
• 2014 Entreprenuer.com Entrepreneur of the Year Finalist
• 2013 Governors Impact Award Winner
• 2011 Ernst & Young Entrepreneur of the Year Award Winner
• 2011 CFO of the Year Finalist
• 2011 CIO of the Year Finalist

The Role

Wolfe is seeking a Director of Security to help improve and maintain the confidentiality, integrity and availability of Wolfe systems and facilities. The Director of Security will assist our VP of Security with program management. Perform security operations for both cyber and physical assets to reduce risk and fulfill compliance requirements. be responsible for performing security operations for both cyber and physical assets to reduce risk and fulfill compliance requirements.

Responsibilities:

• Directly be involved with assisting with overseeing security operations of three (3) main areas: Physical, Cyber/logical, and Compliance.

• Act as a backup to VP of Security to perform security program management such as, but not excluded to, overall security program management, resource management, project roadmap development, security architecture, contract management, financial management, risk management, audit preparedness, executive reporting, third-party risk management, delivering security awareness, and information security policy management.

• Perform incident response activities for any cyber and physical security incidents, including containment, investigation, remediation, and reporting

• Perform day-to-day cyber and physical security operations of a high security manufacturing facility.

• Improve all aspects of application, endpoint, and cloud security by performing and overseeing regular maturity assessments and measurements.

• Assist with application security operations such as threat modeling, SAST, DAST, SCA, and security vulnerability/bug management.

• Oversee and assist with penetration testing and web application vulnerability testing for all company properties

• Manage the process to develop alerts and automations from systems like endpoint protection, IDS/IPS, & email security, SIEM, cloud native security services, and respond to various managed third-party security service providers.

• Assist with testing Disaster Recovery, Business Continuity, and Incident Response programs

• Provide advice as subject-matter and technical expertise for customers and stakeholders.

• Assist with maintaining PCI Level 1 Service Provider/Merchant compliance, including managing PCI-DSS compliance and passing annual assessments performed by an external QSA

• Oversee and assist with cyber/logical and physical audits, review findings, recommend and perform corrective actions

• Assist with performing and maturing identity management processes via automation.

• Develop, maintain, and report on security metrics delivered to leadership.

• Assist with development and implementation of security awareness & training programs for the security guard staff, manufacturing personnel, developers, and company users

• Maintain and enforce Company security policies and procedures.

• Maintain working relationship with security vendors to provide the highest quality of service

• Perform risk analysis for all physical and cyber/logical security via risk register

• Immediately report any cyber/logical or physical security incidents directly to leadership

• Responsible for maintaining compliance with physical and cyber/logical security regulations governing card personalization vendors

• Assist with security guard staff management

• Assume other responsibilities as assigned

Qualifications/Skills:

• Post high school degree in a related field such as Information Technology, Cyber Security, or Information Security and a minimum of 5 years relevant work experience.

• Ability to work independently and make decisions regarding a high security facility and IT environment yet act as part of a team.

• Be able to manage cross-functional teams to meet security goals and requirements.

• On-call and non-standard business hours work may be required.

• Must be highly organized; security conscious; able to write quality, readable documentation; adhere to change management policy and procedures.

• Must be proficient and possess a minimum of 3 years’ experience in a majority of the following:

• PCI DSS Compliance

• Application Security/DevSecOps program development

• Project Management

• Previous experience being audited

• Conducted internal audits

• Conducted risk assessments

• Access Control System Management (physical security)

Ideal qualifications are Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Secure Software Lifecycle Professional (CSSLP), or other security related certifications; and working experience with web application development teams and secure coding practices is desirable

Compensation & Benefits

Wolfe is committed to providing its employees with a benefits package designed to give them the flexibility they need to ensure a healthy life/work balance. Wolfe offers its employees great benefits and perks, including, but not limited to:

• Medical, Prescription, Vision, Dental, and 401K
• 15 Days of PTO to start
• 11 Paid Holiday’s
• Restricted Stock Units (RSU’s) (our employees have earned over $16m through this program since 2006)
• Tuition Reimbursement
• Employee recognition program
• Charitable Donation to a Charity of YOUR Choice yearly
• Refer Friends, and if we hire them, you get awarded
• Family Picnic, Holiday Party, and other employee outings
• Flex-time Scheduling and a Telecommuting Policy

If that’s not enough, Wolfe has more to offer, like:

Top 75% pay range versus other local employers

Brown bag sessions to keep you informed on the company/industry

Wolfe is an Equal Opportunity Employer.

Wolfe does not sponsor individuals for the purpose of obtaining H-1 Visas.