Director, Cybersecurity

Trimont•Atlanta, GA

23h

About The Position

Founded in 1988, Trimont (www.trimont.com) is a specialized global commercial real estate loan services provider and partner for lenders and investors seeking the infrastructure and capabilities needed to help them scale their business and make informed, effective decisions related to the deployment, management and administration of commercial real estate secured credit. As the largest master servicer of commercial real estate loans in the United States, Trimont manages securitizations with meticulous oversight and coordination—protecting cash flows, mitigating risk, and ensuring portfolio performance. trivinna, a Trimont company, is redefining the future of commercial loan management through advanced technology and data-driven innovation. As the newest addition to the Trimont group, trivinna introduces a modern loan management software platform that streamlines operations, increases transparency, and provides clients and partners with actionable insights. Leveraging Trimont’s access to approximately 11% of all U.S. commercial real estate lending data, trivinna integrates market-leading analytics, robust portfolio management tools, and a high-touch customer support model. This comprehensive approach enables clients to make informed decisions, manage risk effectively, and achieve greater efficiency and performance in commercial real estate loan management. trivinna is an innovative firm where visionary professionals come to learn, grow, and thrive with colleagues driven by curiosity and collaboration. Learn: We believe ongoing learning is critical and are focused on providing a work environment where all team members can take ownership of their careers. Grow: We work alongside the largest institutional lenders in the world, overseeing the most significant projects in the industry. This unique opportunity allows us to broaden our skillset and develop our abilities by tackling some of the industry’s most challenging and exciting endeavors. Thrive: Our firm is a place where ethics and excellence meet to create an experience that matches our capabilities. There are no limits to what we as team members and as an organization, can achieve together. Where people, purpose, and progress come together every day. Job Summary We are seeking an experienced Director of Cybersecurity to protect our commercial real estate loan servicing platform and the sensitive financial data it processes. You will be responsible for implementing security controls, monitoring threats, responding to incidents, and ensuring compliance with financial services regulations. This role is critical to safeguarding billions of dollars in loan data and maintaining the trust of our clients and partners.

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
7+ years of experience in cybersecurity or information security roles.
Strong knowledge of security frameworks (NIST, ISO 27001, CIS Controls) and compliance standards (SOC 2, PCI DSS, GDPR, ISO/IEC 27001).
Experience with cloud security (AWS, Azure, or GCP), including secure architecture and deployment.
Proficiency with SIEM tools, IDS/IPS, vulnerability assessment, and penetration testing tools.
Knowledge of network security, firewalls, encryption technologies, and secure coding practices.
Experience with DevSecOps, security automation, and integrating security into CI/CD pipelines.
Security certifications such as Security+, CISSP, CISM, CEH, Microsoft AZ-500, or similar.

Nice To Haves

Experience in financial services, fintech, or SaaS environments
Security certifications (Security+, CISSP, CISM, CEH, Microsoft AZ-500, or similar)
Experience with DevSecOps and security automation
Familiarity with container security (Kubernetes, Docker) and application security testing.
Experience with threat intelligence and threat modeling

Responsibilities

Design, implement, and maintain security controls for cloud infrastructure and applications supporting commercial real estate loan management.
Collaborate with Engineering, Infrastructure, and Data teams to ensure secure software development, cloud architecture, and data protection.
Advise on and document security architectures and procedures.
Integrate security tools and practices into CI/CD pipelines (DevSecOps).
Develop and maintain security policies, standards, and procedures.
Manage vulnerability assessments, penetration testing, and remediation tracking.
Oversee security code reviews, application security testing, and third-party vendor assessments.
Own relationship with SOCaaS vendor and remediate alerts.
Develop and maintain incident response playbooks and lead incident investigations, including root cause analysis and remediation.
Coordinate with external security partners and law enforcement as needed.
Support compliance with financial services regulations (SOC 2, PCI DSS, ISO 27001, GDPR, CCPA).
Conduct security risk assessments and maintain risk registers.
Support internal and external security audits.
Provide security awareness training and guidance on best practices to technical teams.
Stay current with emerging threats, technologies, and industry trends.