Director of Network Security

SUMMARY OF JOB:

The Director of Network Security is responsible for day-to-day information security operations support including security event handling, security incident response, threat hunting, threat intelligence analysis, vulnerability identification, policy consulting and development, and security incident recovery services. The position is also responsible for the architecture and design of the Zirrus One customers whom we strategically consult on the security of the enterprise information systems and resources using our partner systems. This position will lead our managed security systems provider solutions. 

Key responsibilities include planning and executing short and medium-term information security improvement projects and initiatives intended to improve internal and Customer enterprise information security posture, tools, policies, processes, and procedures with guidance and support from the Director of Architecture and Chief Technologist. The position works actively with other IT staff as well as end-users and leadership from other departments to help determine information security requirements and deploy appropriate solutions that meet security best practices and recommendations.

JOB RESPONSIBILITIES:

• Lead the policy development and technical processes of implementation for our customers in relation to BIA, BCDR, IT Information Security, DR Runbooks and others as required.
• Serve as the primary security advisor to customers and executive leadership, translating complex technical findings into business-level insights and risk recommendations.
• Prepare and deliver executive summaries, risk reports, and roadmap presentations to customer stakeholders.
• Act as an escalation point for high-priority customer incidents and coordinate cross-functional response efforts.
• Mentor a small team of Tier 1–2 security engineers, ensuring efficient task prioritization, skill development, and operational excellence.
• Assist in the identification, response, investigation, and remediation of potential breaches and issues surrounding data security in conjunction with our 24x7x365 SOC.
• Proactively identify industry security trends, monitor performance trends, recommendations to customers regarding security hardware, software, processes, and procedures as required.
• Monitor network, systems, and logs for events that could negatively impact the confidentiality, integrity, or availability of enterprise systems and data. Investigate and respond to all potential incidents in accordance with prescribed procedures.
• Responsible for performing the following Vulnerability Scanning, Penetration Testing, Network Monitoring, Log Review, Incident Response, Forensic Collections, Policy Review, and Configuration Review.
• Assist with the evaluation of policies, processes, procedures, and technical controls for compliance with regulations and standards including HIPAA, PCI, NIST, NYDFS, ISO 27001 and other relevant requirements.

REQUIRED EXPERIENCE

• Minimum of 5 years of experience assessing and defining security and data protection controls
• Minimum of 8 years in Information Security or a related discipline

PREFERRED QUALIFICATIONS:

• Experience working with prospective clients, particularly in a pre-contract business development cycle.
• Knowledge of Information Security penetration testing methodologies, vulnerability scanning activities, security assessment reporting and industry leading tools to perform these actions.
• Hold a security or privacy certification such as CISSP, CISA, CISM, CRISC, GISF, or CIPP.
• Knowledge of existing and emerging privacy and security regulatory requirements, including European Union General Data Protection Regulations (GDPR), with practical experience interpreting and applying core concepts of the regulatory framework.
• Experience with ISO 27001/ISO 27002 or similar information security controls and framework.
• Knowledge of how a typical contract is structured including the core common terms.
• Change Management capability.
• Cross-border data protection and data privacy experience.

SKILLS

• Strong relationship development skills with an ability to influence and interact with organizational leadership across multiple countries
• Ability to work independently in an unstructured environment
• Ability to prioritize multiple demands
• Proficient in English (oral and written)
• Proficient in any language in addition to English
• Demonstrated leadership in professional setting; either military or civilian
• Demonstrated teamwork and collaboration in a professional setting; either military or civilian

DAY 1 EXPECTATIONS

• Engage with customers to assess and recommend potential gaps with existing security infrastructure, operational processes, tools and personnel
• Identify key metrics for board level reports that highlight customer trending across threat landscape
• Lead tabletop exercises across customer teams that are engaged in incident response and disaster recovery activities
• Analyze and provide edits and recommendations across company documentation related to incident response, IT InfoSec, BCDR programs, DR runbooks and other policies related to the cybersecurity programs of the organization
• Mentor Tier 1-2 personnel with overall growth across technical and professional development efforts

WHAT WE OFFER

• Competitive salary and bonus structure.
• Comprehensive benefits package.
• Opportunities for professional growth and career advancement.
• A flexible, dynamic and supportive work environment.

HOW TO APPLY

Interested candidates should submit their resume and a brief cover letter outlining relevant experience to:

Please include the position title "Director of Network Security" in the subject line of your email.