Director Cybersecurity

About The Position

Requirements

• KNOWLEDGE, SKILLS & ABILITIES:
• Cybersecurity and Technical Expertise:
• Deep understanding of cybersecurity frameworks, controls, and best practices (NIST CSF, ISO 27001, CIS Controls).
• Strong experience with threat detection and response, vulnerability management, identity and access management (IAM), and data protection.
• Hands‑on familiarity with modern security technologies, including SIEM, EDR/XDR, firewalls, IDS/IPS, and endpoint protection.
• Experience securing hybrid environments, including on‑premises infrastructure and public cloud platforms (e.g., Azure, AWS).
• Leadership and Management:
• Proven ability to own and scale cybersecurity programs within a mid‑ to large‑scale enterprise environment.
• Experience balancing strategic planning with hands‑on execution in a dynamically evolving threat landscape.
• Strong communicator capable of translating complex technical risk into clear business impact for executives and non‑technical stakeholders.
• Decisive, pragmatic leader comfortable operating in ambiguous, fast‑paced environments.
• EDUCATION:
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field required.
• 10+ years of progressive cybersecurity experience, including prior leadership or management responsibility.
• Extensive experience supporting cloud‑based environments and modern security architectures.
• CISSP required; additional certifications such as CISM, CRISC, CEH, or equivalent strongly preferred.

Nice To Haves

• CISSP required; additional certifications such as CISM, CRISC, CEH, or equivalent strongly preferred.

Responsibilities

• Cybersecurity Strategy Development:
• Own and execute a multi‑year cybersecurity strategy and roadmap aligned with business priorities, risk tolerance, and regulatory requirements.
• Translate enterprise risk assessments into clearly prioritized security initiatives, investments, and operating plans.
• Establish, maintain, and continuously improve cybersecurity policies, standards, and controls to protect data, systems, and infrastructure.
• Partner with the CIO and senior leaders to inform cybersecurity investment decisions and balance risk reduction, operational impact, and cost efficiency.
• Security Operations Management:
• Own the effectiveness and maturity of security operations, including threat detection, incident response, vulnerability management, and recovery.
• Provide leadership and oversight for Security Operations Center (SOC) capabilities, including managed service providers and internal resources.
• Ensure 24x7 monitoring, investigation, and response to security events the platforms.
• Lead continuous improvement through metrics, automation, post‑incident analysis, and lessons learned.
• Governance, Risk and Compliance:
• Lead enterprise cybersecurity risk management activities, including risk assessments, control design, and remediation planning.
• Ensure compliance with applicable legal, regulatory, and industry standards (e.g., CMMC, NIST, ISO 27001, CIS Controls, GDPR).
• Direct cybersecurity audits and assessments, partnering with internal audit, legal, and external regulators as required.
• Own third‑party and vendor cybersecurity risk management processes, including assessments and ongoing oversight.
• Incident Response and Reporting:
• Serve as the senior incident lead during cybersecurity events, ensuring timely containment, remediation, communication, and recovery.
• Maintain and regularly test incident response and crisis management plans.
• Provide clear, actionable reporting to executive leadership on cybersecurity posture, emerging threats, trends, and risk exposure.
• Leadership and Team Development:
• Build, lead, and develop a high‑performing cybersecurity team spanning security operations, governance, and cloud security.
• Establish clear accountability, performance expectations, and development plans for team members.
• Foster a collaborative, business‑aligned security culture that emphasizes risk awareness, shared responsibility, and continuous improvement.
• Manage strategic vendor relationships to extend internal capabilities and scale effectively.
• Other duties as assigned.

Benefits

• Competitive Salary
• Medical, dental, and supplemental insurance
• 401K Plan
• Paid Holidays
• Paid Time Off