Director, Security

About The Position

Requirements

• 8+ years of progressive information security experience, including leadership across security operations, GRC, architecture, or program management.
• Experience building or scaling security programs in an MSP, MSSP, managed services, or other technology services environment.
• Strong working knowledge of NIST CSF, risk management practices, compliance frameworks, and customer assurance requirements.
• Experience owning third-party security partner relationships, including MSSP, MDR, SOC, TVM, or penetration testing providers.
• Ability to communicate risk, priorities, and trade-offs clearly to executives, technical leaders, auditors, and customers.
• Familiarity with cloud and SaaS security concepts, identity controls, logging, incident response, and vulnerability management workflows.
• Bachelor's degree or equivalent experience required

Nice To Haves

• CISSP, CISM, CRISC, or similar certification preferred.

Responsibilities

• Lead the execution of XTIUM's enterprise security program, including governance, policy, standards, and control improvement plans.
• Own the day-to-day operation of the cyber risk register, including risk intake, scoring, action planning, escalation, and executive reporting.
• Direct the Security Manager and coordinate outcomes across ESD, Ascent, and other internal or external stakeholders.
• Partner with the CIO, CTO, Delivery, and Product leaders to align security priorities with architecture, operations, and roadmap decisions.
• Drive compliance and assurance activities, including customer questionnaires, audit support, evidence collection, and control narratives.
• Establish security metrics and operating reviews that track detection, remediation, incidents, exceptions, and control maturity.
• Support incident response leadership by guiding decision-making, communications, root-cause follow-up, and corrective actions.

Benefits

• Med/Dental/FSA/401(k)/Flexible Paid Time Off