Associate Director - Cybersecurity Posture, Hygiene and AI (Remote)

About The Position

Requirements

• Bachelors Degree and 9 years of experience OR Masters Degree and 8 years of experience OR PhD and 4 years of experience
• Proven leadership in cybersecurity, with extensive experience in managing security posture and hygiene strategies within complex and diverse IT environments
• Experience implementing an AI security program across an enterprise.
• Expert knowledge of operating systems, networking protocols, systems administration, X as a service, applications, and security technologies.
• Expert knowledge and application of cybersecurity terminology, concepts, and the cyber threat landscape and attack vectors.
• Deep understanding of risk management principles and the ability to integrate these into security practices.
• Experience with the CIS Top 18 controls and familiarity with the CIS Controls Implementation Groups (IGs) methodology.
• Demonstrated ability to innovate and adapt in response to a constantly changing environment.
• Advanced critical thinking, problem solving, and analytical skills
• Strong leadership and collaboration skills with business and technical groups.
• Excellent written and verbal communication and listening skills, with the ability to effectively convey technical insights to technical and non-technical stakeholders.
• Demonstrated ability to interface effectively with clients, IT management, and staff.
• A sincere desire to learn, grow, and go beyond personal capabilities, staying abreast of the latest developments in the cybersecurity landscape

Nice To Haves

• Professional cybersecurity certifications (e.g., CISSP, CISM, CIS Controls, etc.) are highly desirable.

Responsibilities

• Establish a comprehensive mature security posture and hygiene strategy for artificial intelligence and machine learning technologies, including generative AI, across enterprise environments (on‑premise and cloud).
• Assemble and manage a team dedicated to implementing, assessing, and maturing the CIS Top 18 critical controls and their associated safeguards.
• Develop and execute strategies for continuous monitoring and improvement of security controls and configurations across enterprise systems.
• Ensure the hygiene of security configurations by establishing and enforcing policies, procedures, and standards to prevent unauthorized access, data breaches, and other cyber threats.
• Collaborate with IT, network, and other relevant departments to align security measures with organizational goals and compliance requirements.
• Develop and maintain comprehensive documentation on security controls, assessments, incidents, and improvements.
• Conduct regular assessments to determine the maturity of each security control, identifying areas for improvement and recommending enhancements.
• Foster strong partnerships with technology and domain stakeholders to ensure seamless integration and compliance of security practices across the enterprise.
• Stay abreast of the latest cybersecurity trends, threats, and technologies to adapt and evolve our security strategies accordingly.
• Lead initiatives to educate and train team members and the wider organization on cybersecurity good practices and the importance of a forward-thinking security posture.
• Ensure that all security programs and initiatives adhere to relevant laws, regulations, and policies, continuously updating practices to meet new standards.
• Oversee daily operations, including targeted assessments, risk management, and response strategies, ensuring a high level of security and resilience against cyber threats.
• Build collaborative relationships and partner effectively with business and technology senior leaders.
• Maintain expert-level professional and technical knowledge in relevant domains
• Building metrics and dashboards that will provide stakeholders with actionable insights into the security posture of technologies

Benefits

• paid time off (vacation, holidays, sick)
• medical/dental/vision insurance
• 401(k)
• short-term incentive programs