Director, Information Security U.S.

About The Position

Requirements

• 16+ years of experience in information security, technology, or related fields, with a strong track record in security and risk leadership.
• Bachelor’s degree (Computer Science preferred).
• Proven ability to engage, influence, and communicate with top executives in global and domestic environments.
• Excellent written and verbal communication skills; ability to simplify technical concepts for non-technical audiences.
• Strong knowledge of relevant legal and regulatory requirements.
• Expertise with frameworks such as NIST, ISO 27001, SOX, PCI DSS, GDPR, COBIT, and ITIL.
• Exceptional leadership abilities, including motivation of interdisciplinary and geographically dispersed teams.
• Ability to travel 10–15%.
• Fluent in English.
• Legally authorized to work in the U.S.

Nice To Haves

• Professional certifications such as CISSP, CISM, or similar are preferred.

Responsibilities

• Regional Leadership (U.S. Focus)
• Serve as the Head of Information Security for the U.S., building strong stakeholder relationships and promoting a secure-by-design mindset.
• Advise senior market leadership and key stakeholders on cyber risks and priorities across regions.
• Represent regional needs and viewpoints in global security strategy discussions.
• Global Security Strategy & Governance
• Contribute to developing and implementing PMI’s global security strategy from a regional perspective.
• Strengthen affiliations with IT leadership, assurance teams, and the broader Information Security organization.
• Support the definition of the cyber risk program and ensure alignment with regional business needs.
• Drive continuous improvement of security governance structures across regions and report updates to global committees and regional leaders.
• Program Delivery & Harmonization
• Lead execution of the Global Security Program and harmonize security practices and maturity across markets.
• Partner with global teams to implement a regional security engagement strategy.
• Ensure regional adherence to PMI’s security policies and standards, incorporating local regulatory requirements.
• Team Leadership
• Manage Regional Information Security Officers and Regional Security Services teams.
• Enable markets to implement security practices that meet global standards and policies (“Build Secure”).
• Ensure completion of cyber risk and maturity assessments across all regions (“Stay Secure”).
• Risk Management & Incident Response
• Oversee identification and management of cyber and information security risks in alignment with PMI’s risk appetite.
• Lead regional execution of cyberattack simulations, table‑top exercises, and crisis management activities.
• Strengthen security awareness and ownership through ongoing training and communication initiatives.
• AI & Emerging Technology Security
• Shape PMI’s security strategy for AI/ML technologies, working with global InfoSec and IT Engineering teams.
• Help define governance frameworks for ethical and compliant AI implementation.
• Assess emerging AI-related risks and advise senior leaders on mitigations.
• Leverage AI-driven tools to enhance threat detection, anomaly monitoring, and predictive risk analysis.

Benefits

• We offer a competitive base salary, annual bonus (applicable based on level of position), great medical, dental and vision coverage, 401k with a generous company match, incredible wellness benefits, commuter benefits, pet insurance, generous PTO, and much more!
• We have implemented Smart Work, a hybrid model of working that promotes flexibility in the workplace.