Cybersecurity Director

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, Management Information Systems, Engineering, or other computer-related degree required.
• Twelve (12) or more years of diversified IT experience with at least five (5) years in Cybersecurity required.
• Five (5) or more years managing first level leaders and high-level professional staff.
• Two (2) or more years of experience leading cyber incident response required.
• Authentic Communicator - Expresses ideas and information, both verbally and in writing, clearly and credibly. Listens to understand and fosters constructive dialogue.
• Business Acumen - Applies knowledge of MPC’s business, industry, and the marketplace to advance the organization’s goals. Makes decisions and recommendations clearly linked to MPC’s strategy.
• Continuous Improvement Mindset - Identifies and leads opportunities for continuous improvement and value creation, both incremental and large-scale.
• Data-Driven Decision Making – Applies data to make informed decisions with a priority on using real-time data, analytics, and insights to optimize operations, improve safety, and enhance the company's competitive edge.
• Digital Awareness - Actively explore, learn, and implement emerging digital tools, technologies, and trends. Involves seeking out new information, asking insightful questions, and testing innovative approaches to understand how digital solutions can create value, improve processes, or enhance experiences. Demonstrates openness to change, continuous learning, and adapting to the evolving digital landscape.
• Energizing the Organization - Creates a purposeful, engaged, optimistic workforce.
• Influencing Others - The ability to garner support for initiatives by gaining the respect of others and inspiring trust and confidence.
• Ongoing Learning & Self-Development - Regularly determines new areas for learning and acquires strategies and best practices for gaining/improving knowledge, behaviors, and skills.
• Results Driven - Drives operational and process excellence and innovative behavior by empowering others, collaborating, taking appropriate risks, making timely decisions, and holding people accountable for results.
• Selecting and Developing People - Recognizes and selects high caliber talent, accurately assesses abilities and potential, coaches to develop capabilities and builds high-performing teams.
• Strategic Outlook - Examines issues, generates ideas, creates future scenarios, and develops plans with a long-term perspective. Ensures short-term goals support long-term strategy and that organizational/functional strategy aligns with and supports MPC’s overall business strategy.

Nice To Haves

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred.

Responsibilities

• Leads people leaders and individual contributors through guidance, coaching, and support to ensure assignments align with organizational goals and established policies.
• Drives recruitment, development, retention, performance management, and succession planning to build a strong talent pipeline.
• Collaborates with key stakeholders and senior management to provide strategic guidance on technology risks, opportunities, and prioritization, ensuring cost-effective and agile solutions.
• Oversees the planning, design, implementation, and measurement of IT systems, balancing agility with stability, security, and efficiency.
• Develop and execute the Cyber Fusion Center (CFC) and Governance, Risk, and Compliance (GRC) strategies, aligning cybersecurity incident monitoring, detection and response, vulnerability management, threat intelligence and hunting, IT and cybersecurity governance, compliance, and risk management to enterprise security objectives, enterprise risk management, and regulatory requirements.
• Oversee the integration and management of advanced security technologies and platforms, including SIEM, SOAR, EASM, vulnerability management, threat intelligence feeds, and endpoint and network security logs to enable comprehensive threat detection and response, and defensive posture assessment.
• Guide and oversee the enterprise IT and cybersecurity governance frameworks that guide secure technology operations across the organization, collaborating with IT and business units to integrate security requirements into digital systems.
• Oversee enterprise-wide technology risk management processes, including internal and external cyber risk assessments, M&A ventures, and mitigation planning to protect critical systems and data.
• Lead the design and continuous improvement of cybersecurity processes and workflows, ensuring efficient coordination across threat hunting, monitoring, vulnerability management, and incident response teams within the CFC; and across governance, risk, and compliance within the GRC function.
• Serves as the enterprise Cybersecurity Incident Commander and ensures real-time threat detection, analysis, and rapid incident response capabilities, establishing 24/7 operations, playbooks, and automated response mechanisms to minimize operational impacts in the event of an incident.
• Manage collaboration with IT, security, emergency preparedness, legal, audit, risk, and business units, developing cross-functional threat response processes and aligned strategies to strengthen the company’s security posture; and with trade associations and ISACs, fostering information sharing and best practices.
• Drive compliance, governance, and reporting frameworks, monitoring risk posture and maintaining audit readiness, metrics, and executive and regulatory reporting to demonstrate effectiveness, maturity, and continuous improvement of cyber capabilities.

Benefits

• access to health, vision, and dental insurance
• paid time off
• 401k matching program
• paid parental leave
• educational reimbursement
• discretionary company-sponsored annual bonus program