Director Cybersecurity

Recruiter
Cloud Software Group
Location
Santa Clara
Salary
Competitive
Posted
25 Sep 2024
Closes
23 Oct 2024
Job Type
Cyber Security
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

What we're looking for:

A key element of the Director of Cybersecurity role is working with the VP of Security, CISO and executive team to determine acceptable levels of risk for the organization. He or she will proactively work with business units and ecosystem partners to implement monitoring, detection and response practices that meet agreed–on policies and standards for information security. The Director of Cybersecurity should understand and articulate the impact of cybersecurity on the business and be able to communicate this to the board of directors and other senior stakeholders.

Role Requirements:

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate cyber security and risk–related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
  • Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization.
  • Ability to lead and motivate the cyber security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist.
  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • A master of influencing entities and decisions in situations where no formal reporting structures exist, but achieving the desirable outcome is vital.
  • Excellent stakeholder management skills.
  • Project management skills: financial/budget management, scheduling and resource management.

Position Overview

As a Director of Cybersecurity, you will play a critical role in our cyber security function to ensure enterprise and client data is secure. You will help:

  • Lead the development and implementation of a robust incident response plan, including detection, containment, eradication, recovery, and post–incident review.
  • Manage and mentor a team of security analysts specializing in security architecture, security engineering, log management, detection, and incident response. This includes setting performance expectations, providing coaching and development opportunities, and fostering a collaborative and high–performing team environment.
  • Work with partners and measure the key performance indicators to ensure the QOS.
  • Delegate tasks effectively, prioritize workloads, and ensure efficient incident response processes.
  • Identify training needs and develop programs to enhance the team's skills and knowledge.
  • Conduct in–depth forensic investigations to identify the root cause of security breaches, collect and analyze evidence, and reconstruct timelines of events.
  • Stay abreast of evolving cyber threats, incident response best practices, and legal developments impacting cybersecurity.
  • Develop and deliver training programs to educate employees on cyber threats and incident reporting procedures.
  • Collaborate with legal counsel to provide expert support on cybersecurity incidents, including preparing technical reports and assisting with litigation.

Basic Qualifications

  • Bachelor's degree in cybersecurity, related field, or equivalent work experience.
  • Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job.
  • Solid grasp and experience applying common frameworks used to describe cyber threat actors, actions, and capabilities (Diamond, Veris, MITRE ATT&CK, etc.) and share threat intelligence (STIX/TAXII).
  • In–depth knowledge in the following fields is required: cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data; common information technology (IT) security controls (e.g.: firewalls, demilitarized zones, encryption); new and emerging information technology (IT) and cybersecurity technologies and risks; information technology (IT) supply chain and vulnerability risk best practices.
  • Advanced planning/organizational, problem–solving, analytical, consulting, time management and decision–making skills required.
  • Must be detail oriented and able to maintain a high degree of accuracy.
  • Ability to maintain confidentiality is crucial.