Senior Director - Cybersecurity

Hines-posted 1 day ago
Full-time • Director
Houston, TX
1,001-5,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

When you join Hines, you will embark on a career journey fueled by vision and guided by leaders who set the standards of our industry. Our legacy is rooted in innovation and excellence, earning us a spot on Fast Company’s esteemed annual list of the World’s Most Innovative Companies, as well as recognition as one of U.S. News & World Report’s Best Companies to Work For in 2024. Discover endless opportunities to grow and make your mark at Hines. The Senior Director, Cybersecurity is a strategic leader with hands-on in-the-trenches experience responsible for the design, implementation, and governance of enterprise security solutions across cloud, on-premises, and end-user environments. This role develops and maintains a comprehensive security architecture that protects user devices, collaboration platforms, productivity suites, identity systems, and core infrastructure—ensuring secure, resilient, and compliant security operations for all employees and business units. The Director leads a team of security engineers and architects, drives adoption of modern security frameworks (such as Zero Trust), and partners with IT, business, and compliance stakeholders to embed security into daily operations and technology initiatives, in alignment with various compliance frameworks such as NIST, ISO 27001, SOC 2, SOX, GDPR, CCPA, and internal security policies. This position will be responsible for four primary functions: Security Architecture/Design Security Engineering/Implementation Security Enforcement/Adherence (Governance) Escalated Incident Response (Escalations from Security Operations Center) Across the following areas: Cloud & On-Premise Microsoft Azure anything related to security Microsoft Entra and On-premise Active Directory Microsoft M365 SaaS/In-house applications Data Protection & Privacy Data Loss Prevention (DLP) solutions, encryption (Azure Key Vault, BitLocker), files and folder sharing, and privacy controls (GDPR, CCPA, NIST Privacy Framework) Ensure secure handling of user data across devices, cloud storage, and collaboration platforms Endpoint & Network Security Endpoint protection Artic Wolf Aurora, Microsoft Defender, web filtering, and secure email gateway solutions Securing AI Providing a security framework in which to utilize IT for Security and Business operations Vulnerability Management Identifying vulnerabilities and prioritize remediation, patch management, penetration testing, etc. Application Security /Develop Security Operations Strengthening the security posture for the production application and development environments Identity and Access Management Framework of policies and technologies for identifying, authenticating, and controlling user access to applications, systems, and networks Cyber Threat Intelligence Work with the SOC to integrate CTI best practices for threat feeds and mechanisms Operational Technology Partner with various groups to update OT policies Security Awareness Continuously improve the enterprise-wide security awareness and training program to foster a security-first culture among all employees and contractors Customize security messaging for diverse audiences, including remote workers, executives, IT staff, and business users, ensuring relevance to current threats and organizational priorities Measure program effectiveness through behavioral analytics, participation metrics, and simulated attack results; report findings to leadership and refine strategies accordingly Collaborate with HR, IT, and business units to automate onboarding/offboarding training workflows and deliver role-based content Promote proactive reporting of suspicious activity and empower users to act as the first line of defense against cyber threats

  • Security Architecture/Design
  • Security Engineering/Implementation
  • Security Enforcement/Adherence (Governance)
  • Escalated Incident Response (Escalations from Security Operations Center)
  • Cloud & On-Premise Microsoft Azure anything related to security
  • Microsoft Entra and On-premise Active Directory
  • Microsoft M365 SaaS/In-house applications
  • Data Protection & Privacy Data Loss Prevention (DLP) solutions, encryption (Azure Key Vault, BitLocker), files and folder sharing, and privacy controls (GDPR, CCPA, NIST Privacy Framework)
  • Ensure secure handling of user data across devices, cloud storage, and collaboration platforms
  • Endpoint & Network Security Endpoint protection Artic Wolf Aurora, Microsoft Defender, web filtering, and secure email gateway solutions
  • Securing AI Providing a security framework in which to utilize IT for Security and Business operations
  • Vulnerability Management Identifying vulnerabilities and prioritize remediation, patch management, penetration testing, etc.
  • Application Security /Develop Security Operations Strengthening the security posture for the production application and development environments
  • Identity and Access Management Framework of policies and technologies for identifying, authenticating, and controlling user access to applications, systems, and networks
  • Cyber Threat Intelligence Work with the SOC to integrate CTI best practices for threat feeds and mechanisms
  • Operational Technology Partner with various groups to update OT policies
  • Security Awareness Continuously improve the enterprise-wide security awareness and training program to foster a security-first culture among all employees and contractors
  • Customize security messaging for diverse audiences, including remote workers, executives, IT staff, and business users, ensuring relevance to current threats and organizational priorities
  • Measure program effectiveness through behavioral analytics, participation metrics, and simulated attack results; report findings to leadership and refine strategies accordingly
  • Collaborate with HR, IT, and business units to automate onboarding/offboarding training workflows and deliver role-based content
  • Promote proactive reporting of suspicious activity and empower users to act as the first line of defense against cyber threats
  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field
  • 10+ years of experience in security architecture and engineering, with proven hands-on technical leadership in real estate, finance, or infrastructure-heavy sectors
  • Deep security expertise and direct security experience in: Microsoft Entra ID, Conditional Access, Privileged Identity Management (PIM)
  • Azure Security Center, Azure Sentinel (SIEM), Defender for Cloud, Defender for Identity, Defender for Endpoint
  • Azure Key Vault, Azure Policy, Azure Blueprints, Azure RBAC, Azure Firewall, Azure DDoS Protection
  • Azure Virtual Network, Network Security Groups (NSG), Application Gateway, Azure VPN Gateway
  • Azure Monitor, Log Analytics, and integration with Microsoft Intune for device management
  • Secure configuration and hardening of Azure resources, automation with ARM templates and Azure CLI/PowerShell
  • Hands-on Project Example: Led the migration of legacy on-premises applications to Azure, implementing Azure Security Center for unified threat detection, and deploying Azure Policy and Blueprints to enforce compliance across multiple subscriptions. Automated resource provisioning and security baselines using ARM templates and Azure DevOps pipelines
  • Cloud security (Azure): architecture, deployment, and management
  • Identity management (SSO, MFA, RBAC, PAM) and application security
  • Security operations: SIEM, EDR, IDS/IPS, vulnerability management, and incident response
  • Secure configuration and hardening of Windows, Linux, and cloud environments
  • Scripting and automation (Python, PowerShell, Bash) for security operations
  • Strategic thinker with deep technical knowledge and hands-on experience in enterprise security architecture and operations
  • Strong communication skills to engage with property managers, IT teams, and executive leadership
  • Proven leadership in cross-functional environments and vendor management
  • Ability to translate complex technical risks into business-aligned decisions
  • Demonstrated ability to lead by example, working directly with engineering teams on technical challenges and solutions
  • Deep expertise in cybersecurity frameworks and methodologies, including NIST, ISO 27001, and the MITRE ATT&CK framework, with a strong understanding of risk management and compliance requirements
  • Proven ability to facilitate high-level discussions, drive consensus among stakeholders, and lead collaborative security solutions across various teams
  • Certifications such as CISSP, CISM, CCSP, Azure Security Engineer Associate, SABSA, or equivalent are highly preferred
  • comprehensive training
  • competitive compensation
  • robust benefits
  • generous vacation packages
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Cybersecurity Resume Examples
Cybersecurity Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service