Who We Are
Xponential Fitness is the largest global franchisor of health and wellness brands. The portfolio of brands includes Club Pilates, the nation's largest Pilates brand; CycleBar, the nation's largest indoor cycling brand; StretchLab, a concept offering one-on-one and group stretching services; YogaSix, the largest franchised yoga brand; Pure Barre, a total body workout that uses the ballet barre to perform small isometric movements; Rumble, a boxing-inspired full-body workout; BFT, a functional training and strength-based fitness program; and Lindora, a metabolic health brand. Through the Company’s brands and the On-Demand virtual platform, XPLUS, Xponential Fitness continues to push their mission forward to make health and wellness accessible to everyone.
Job Summary
The Head of Information Security will be responsible for developing, implementing, and managing the company's information security strategy. This role will ensure the protection of sensitive data, compliance with relevant regulations, and the overall security posture of our corporate and franchise operations. The ideal candidate will have a strong background in cybersecurity, risk management, and a proven track record of leading security teams. This is a hands-on role on a small technical team.
Duties/Responsibilities
- Leadership: Develop and execute a comprehensive information security strategy aligned with the company's business objectives and risk appetite.
- Technical Ability: Architect and implement security solutions.
- Risk Management: Identify, assess, and mitigate information security risks across all franchise locations, ensuring compliance with industry standards and regulations.
- Policy Development: Establish and enforce information security policies, procedures, and standards to protect the company's data and technology assets.
- Business Continuity: Create, lead, test, and manage business continuity plans.
- Incident Response: Lead the incident response to effectively manage and respond to security breaches and vulnerabilities, ensuring timely communication and resolution.
- Training and Awareness: Develop and implement security awareness programs for employees and franchisees to promote a culture of security within the organization.
- Collaboration: Work closely with IT, legal, and compliance teams to ensure that security measures are integrated into all business processes and technology initiatives.
- Monitoring and Reporting: Oversee security monitoring systems and conduct regular audits to assess the effectiveness of security controls, reporting findings to senior management.
Benefits
- Medical, Dental and Vision benefits
- This role is eligible for a monthly cell phone allowance
- Empower is our 401k company. We offer Traditional and Roth 401k plans. Employer match is 4% and starts matching at the beginning of year 2. Your 401k would be fully vested at the start of year 3
- Complimentary corporate memberships to XPLUS and XPASS
- Discounts on retail brand merchandise: up to 30% off wholesale price
- On-site gym
- On Campus Amenities: Reborn Coffee Shop, Hangar 24, Mini Putting Green, Basketball Court, Bird Sanctuary, Car Washing Services (M/W), Dry Cleaning Services
Xponential Fitness LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
Qualifications
- PCI and SOX compliance
- Bachelor’s degree in Information Technology, Computer Science, related courses, or related work experience
- 7+ years of experience in security and technology management.
- 4+ years of securing AWS network, server infrastructure, storage, and data warehouse
- 4+ years of experience in securing mobile and web-based applications
- Proven experience in managing and securing IT systems, projects, and budgets within a corporate environment, preferably in the fitness or franchise industry.
- Strong understanding of IT infrastructure, software development lifecycle, cybersecurity protocols, and data management practices.
- Excellent problem-solving skills, with the ability to make sound decisions under pressure.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with diverse teams and stakeholders.
- Proven track record of successfully implementing technology solutions that drive business improvements