Director of Cybersecurity

About The Position

Requirements

• 8+ years of experience in cybersecurity with 3+ years in leadership
• Strong knowledge of SOC2, NIST, and ISO 27001 frameworks
• Experience with EDR, MDR, SIEM, and vulnerability management tools
• Proven success building, scaling, and leading cybersecurity programs in managed services, consulting, or multi-client environments
• Deep expertise in security operations, incident response, vulnerability management, governance, risk management, and compliance
• Strong leadership, communication, client engagement, and executive presence, with the ability to influence technical and non-technical stakeholders
• Experience partnering with executive leadership and CISOs to align cybersecurity strategy with business objectives and enterprise risk management
• Proven ability to mature operational processes, establish governance models, and scale cybersecurity service delivery
• Demonstrated success leading cross-functional initiatives across Engineering, Operations, Consulting, Product, and other business teams
• Strong understanding of modern threat landscapes, ransomware response, and security operations best practices
• Experience managing budgets, KPIs, vendors, security platforms, and strategic technology investments
• Experience recruiting, mentoring, and developing high-performing cybersecurity teams

Nice To Haves

• Familiarity with SOC 2, NIST, ISO 27001, and other security and compliance frameworks preferred
• Experience leading cybersecurity teams within a growth-oriented, service-driven organization preferred

Responsibilities

• Define and execute the cybersecurity vision, strategy, and multi-year roadmap, with a clear focus on maturing departmental processes and operating model, in alignment with the strategic direction established by the CISO
• Provide leadership for cybersecurity operations including EDR, vulnerability management, incident response, and threat detection
• Drive standardization and optimization of the security tool stack across managed and augmented clients, including endpoint protection (e.g., SentinelOne, CrowdStrike) and vulnerability management (e.g., Qualys)
• Formalize and maintain governance, risk, and compliance frameworks including SOC2 alignment
• Lead enterprise incident response strategy, ensuring readiness and effective remediation
• Act as executive escalation point for major security incidents and client-impacting events, coordinating with the CISO and executive leadership during high-severity incidents
• Own budgeting, forecasting, and resource planning for the security function
• Lead risk assessments and ensure mitigation strategies are implemented
• Build, mentor, and develop a high-performing cybersecurity team, deepening subject matter expertise across the practice
• Foster a culture of security awareness and continuous improvement
• Collaborate cross-functionally with Engineering, Consulting, Product, and Project teams
• Represent cybersecurity in executive forums and client discussions in partnership with the CISO and executive leadership as appropriate.
• Stay current on emerging threats, technologies, and industry trends

Benefits

• Competitive benefits package (medical, dental, vision, life, disability)
• 401(k) + employer match
• Generous paid time off
• Parking and mileage reimbursement
• Stocked office snacks, coffee, and treats (including healthy options)
• Monthly team activities (trivia nights, holiday parties, and more)