Director - Cybersecurity

Requirements

Director - Cybersecurity

policy advocacy

risk management

program leadership

technology, governance, and strategy

Key Responsibilities:

• Strategic Leadership & Program Management: Lead the development and execution of enterprise-wide cybersecurity programs. Define strategic objectives, assess maturity, and oversee all risk mitigation initiatives. Collaborate cross-functionally to integrate security into business operations.
• Cybersecurity Framework & Architecture: Establish and maintain a comprehensive cybersecurity framework, including network security, endpoint protection, identity management, and data loss prevention. Evaluate and select security tools and platforms.
• Policy & Advocacy: Represent the organization in external cybersecurity forums, government policy discussions, and industry coalitions. Advocate for responsible cybersecurity policies and standards that align with business needs and regulatory expectations.
• Risk Management: Develop and maintain cybersecurity risk management processes and ensure alignment with global standards (e.g., NIST, ISO 27001). Proactively identify, analyze, and respond to emerging threats and vulnerabilities.
• Incident Response & Threat Intelligence: Build and oversee the incident response strategy and coordinate the team's response to breaches, threats, and outages. Work with law enforcement, legal teams, and regulators during critical incidents.
• Compliance & Audit: Ensure that cybersecurity practices comply with relevant legal and regulatory standards (e.g., GDPR, HIPAA, PCI-DSS). Support internal and external audit efforts and report on key risk indicators and control effectiveness.
• Stakeholder Engagement & Communication: Educate internal stakeholders including board members, executives, and functional teams on cybersecurity risk and readiness. Deliver concise, actionable reports and security briefings.
  

Skills & Qualifications:

• Experience: Minimum of 8-10 years in cybersecurity roles, including leadership or program management capacity. Strong exposure to network security, endpoint protection, risk analysis, cryptography, and incident response.
• Policy & Ecosystem Engagement: Demonstrated experience working with government agencies, policy makers, and industry consortia on cybersecurity regulations and frameworks.
• Certifications (Preferred): CISSP, CISM, CISA, or similar credentials.
• Technical Expertise: Strong command over security architectures, cloud security (AWS, Azure), firewalls, SIEM tools, penetration testing, and identity & access management.
• Soft Skills: Strong leadership, communication, and negotiation skills. Ability to manage multidisciplinary teams and balance technical depth with executive reporting.