Location: Downtown Denver (parking paid for)

Schedule: Hybrid - 3 days onsite

Type: Full-Time, Direct Hire

Salary: $160k - $200k 20% bonus (depending on experience level)

As the Director of Global Information Security and Cybersecurity, you will be responsible for developing, implementing, and maintaining comprehensive cybersecurity programs to safeguard the company's Information Technology (IT) and Operational Technology (OT) infrastructure, systems, networks, and data from cyber threats and other security risks. You will lead initiatives to enhance the overall cybersecurity posture, working independently and collaboratively with cross-functional teams, including IT, operations, and compliance, to ensure the confidentiality, integrity, and availability of data and systems, and to comply with relevant laws, regulations, and industry best practices.

Responsibilities:

• Policy Development: Develop and implement global information security and cybersecurity policies, procedures, and standards for OT and IT, including access controls, data classification, encryption, incident response, and risk management. Ensure documentation is thorough and accessible across regions.
• Continuous Monitoring: Monitor and assess the company's cybersecurity posture continuously, identifying and addressing vulnerabilities, threats, and risks promptly. Document findings and remediation steps to maintain a clear security roadmap.
• Security Audits: Conduct regular security audits, vulnerability assessments, and penetration testing of systems, networks, and applications, developing and implementing remediation plans as needed. Maintain detailed audit and assessment reports for continuous improvement.
• Security Operations: Oversee the day-to-day operation of security technologies such as firewalls, intrusion detection/prevention systems, antivirus/malware solutions, SIEM systems, and other security tools. Ensure configurations and incident response plans are well-documented.
• SOC and MDR Services: Establish a Security Operations Center (SOC) and Managed Detection and Response (MDR) services globally by identifying, assessing, and collaborating with various security vendors capable of operating globally.
• Collaboration: Work with IT and OT operations teams to ensure security controls and best practices are integrated into system design, deployment, and operation, including network security and system hardening. Facilitate global collaboration and ensure consistent application of security practices.
• Awareness and Training: Develop and deliver cybersecurity awareness and training programs for employees and contractors, promoting a culture of security awareness and compliance throughout the organization.
• Incident Response: Manage and respond to security incidents, conducting investigations, coordinating with relevant stakeholders, and implementing appropriate remediation measures to mitigate impacts. Ensure incident response plans are documented and regularly updated. Lead global tabletop exercises in OT to ensure preparedness.
• Trend Analysis: Stay updated on the latest cybersecurity trends, threats, and technologies, providing recommendations to senior management for continuous improvement. Share insights and best practices across regions.
• Compliance: Work with the global compliance team to ensure adherence to relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, PCI DSS, ISO 27001, SOC, and NIST Cybersecurity Framework), maintaining documentation and evidence of compliance. Conduct cybersecurity assessments with third-party vendors globally.
• Leadership and Communication: Demonstrate strong leadership skills, mentoring a team of IT professionals, and working effectively with cross-functional teams and senior management. Communicate complex security concepts clearly to technical and non-technical audiences globally.

Qualifications:

• Education: Bachelor's degree in computer science, information technology, or a related field. Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
• Experience: At least 5 years of experience in global information security and cybersecurity management, preferably in a data center or critical infrastructure environment.
• Knowledge: Strong understanding of cybersecurity principles, practices, technologies, and frameworks, including access controls, network security, encryption, risk management, and incident response.
• Regulatory Familiarity: Familiarity with laws, regulations, and industry standards such as GDPR, HIPAA, PCI DSS, ISO 27001, SOC, and NIST Cybersecurity Framework, with the ability to translate these into practical security controls.
• Technical Skills: Experience managing security technologies such as firewalls, intrusion detection/prevention systems, SIEM systems, antivirus/malware solutions, and other security tools.
• Analytical Skills: Strong analytical, problem-solving, and decision-making skills to assess and mitigate security risks and incidents effectively.
• Communication: Excellent verbal and written communication skills, with the ability to explain complex security concepts to technical and non-technical audiences.
• Leadership: Ability to work independently and collaboratively in a dynamic environment, managing multiple priorities and projects. Strong leadership skills to mentor a team of IT professionals and work effectively with cross-functional teams and senior management.

· We offer a competitive compensation package with strong benefits, including medical, dental, and vision insurance, a 401K program, flexible spending accounts - even a cell phone subsidy.

· We foster a culture of appreciation, including peer-to-peer recognition programs.

· Fun is part of our DNA, with events, game nights, happy hours, and barbecues.

· We're growing - this is a great time to join and make an impact!

All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.