Senior Director - Information and Cyber Security

Diversified•Atlanta, GA

5d•Onsite

About The Position

The Senior Director of Information and Cybersecurity serves as the senior-most cybersecurity leader within the internal IT organization, reporting directly to the Chief Information Officer (CIO). This role is responsible for defining and executing the enterprise cybersecurity strategy in close alignment with IT and digital transformation priorities. As a key member of the IT leadership team, this position ensures that security is fully integrated into infrastructure, applications, cloud platforms, and end-user environments. The role partners with the CIO to balance risk management, innovation, and operational efficiency, embedding security-by-design principles across all IT initiatives. Actively participate in the RFP development and evaluation process, ensuring security requirements are clearly defined, embedded, and aligned with organizational risk standards. The leader oversees global security operations, architecture, risk management, and compliance, ensuring the protection of corporate systems and data while enabling business agility. This role also drives enterprise-wide security governance, fosters a strong security culture, and provides strategic guidance to senior leadership on cyber risks, investments, and resilience.

Requirements

10–15+ years of progressive experience in cybersecurity, information security, or IT risk management
7–10+ years in leadership roles with responsibility for building and leading global security teams
Proven experience partnering closely with CIO and IT leadership to integrate security into enterprise IT strategy and operations
Demonstrated success leading enterprise-wide security programs across infrastructure, cloud, applications, and end-user environments
Deep experience in cyber risk management, security operations, incident response, and architecture
Hands-on experience implementing and scaling frameworks such as NIST, ISO 27001, CIS, and Zero Trust
Experience managing global security operations (SOC) and responding to major security incidents or breaches
Strong background in regulatory compliance (e.g., GDPR, SOX, CCPA, industry-specific regulations)
Proven ability to lead digital transformation initiatives
Experience managing third-party/vendor risk in a global enterprise environment
Track record of managing large budgets and optimizing security investments
Experience working within a matrixed, global organization with cross-functional collaboration
Bachelor’s or Masters degree in Computer science, Cyber Security, Information Technology or a closely related Field.

Responsibilities

Define and execute the enterprise-wide cybersecurity strategy aligned with business objectives
Establish global security governance frameworks, policies, and standards
Partner with executive leadership to embed security into corporate strategy and digital transformation initiatives
Provide regular updates to Board / Audit Committee on cyber risk posture and mitigation plans
Lead the identification, assessment, and prioritization of enterprise cyber risks
Own the risk management framework, including risk registers and treatment plans
Ensure alignment with frameworks such as SOC 2, NIST, ISO 27001, CIS, and Zero Trust
Oversee third-party and supply chain security risk management
Oversee global Security Operations Center (SOC) and threat monitoring capabilities
Lead incident response planning, crisis management, and breach investigations
Ensure continuous improvement of threat detection, response, and recovery capabilities
Coordinate with legal, HR, and communications teams during incidents
Drive enterprise strategies for Identity & Access Management (IAM) and privileged access
Ensure implementation of data protection, encryption, and data loss prevention (DLP)
Oversee secure access for employees, contractors, and partners across global environments
Lead the design of secure architecture across cloud, infrastructure, and applications
Ensure integration of security-by-design principles into IT and product development
Oversee modernization efforts
Ensure compliance with global regulations (e.g., GDPR, CCPA, SOX, ISO, SOC 2 as applicable)
Manage relationships with internal audit and external regulators
Oversee audit readiness, security certifications, and remediation of findings
Champion a security-first culture across the organization
Lead security awareness training and phishing simulations
Partner with HR to embed cybersecurity into employee lifecycle processes
Establish and enforce third-party security standards and assessments
Collaborate with procurement and legal on security requirements in contracts
Monitor risks associated with outsourcing, SaaS, and global partners
Own and manage the global cybersecurity budget
Optimize investments across tools, talent, and services
Build and lead a high-performing global security organization
Stay ahead of emerging threats, technologies, and industry trends
Drive adoption of AI-driven security, automation, and advanced analytics
Lead innovation in proactive threat intelligence and cyber resilience
Partner with CIO on IT and digital initiatives
Partner with Legal & Compliance on regulatory matters
Partner with HR on insider risk and employee behavior
Partner with Business units to align security with operational needs