Job Description

The Senior Director Cybersecurity Services will report to the Vice President, CISO and will be responsible for designing, implementing, and managing a comprehensive cybersecurity strategy tailored to the needs of the Advanced Auto Parts. This role encompasses protecting sensitive data, intellectual property, and operational systems from cyber threats while ensuring regulatory compliance. The ideal candidate will possess deep cybersecurity expertise, strong leadership skills with a strategic mindset.

The Senior Director of cybersecurity will lead the architecture, engineering, and operations teams, and will be responsible for the ownership, operation and optimization of the team’s cybersecurity controls. The ideal candidate will combine expertise in both cybersecurity and risk management disciplines and have exceptional communication and stakeholder management skills.

This position is based in Raleigh, NC and part of a Hybrid work arrangement requiring 4 days/week in office.

Essential Duties and Responsibilities include the following, other duties may be assigned:

• Develop a short-term and long-term comprehensive cybersecurity controls strategy

• Maintain a clear understanding of cutting-edge technologies and cybersecurity capabilities continuously refreshing our tech stack and strategy

• Develop and implement a robust cross functional cybersecurity program that effectively measures the efficacy of our technology, its deployment, operations and full capabilities ensuring we are gaining the full potential of our investment.

• Lead a team of cyber specialists, providing direction and supporting their development

• Oversee production, reporting and evolution of cyber metrics, including SLA’s, Key Performance Indicators (KPIs), and Key Risk Indicators (KRIs)

• Drive automation, analytics, and continuous improvement of processes

• Engage with a range of senior stakeholders across Lines of Defense to ensure appropriate oversight and reporting of cybersecurity risks

• Collaborate with cross-functional teams on remediation activities pertaining to Vulnerabilities, pen tests, audit, and assessment findings

• Collaborate with the IT team, internal business partners, security vendors and company MSPs to ensure and maintain the company’s regulatory compliance and security posture.

• Collaborate with cross-functional teams to embed cybersecurity best practices into all organizational processes.

• Communicate cybersecurity risks and strategies effectively to executive leadership and stakeholders.

• Ensure regulatory compliance with frameworks in NIST, SOC 1/2, PCI, SOX, CCPA

• Communicate cybersecurity risks and strategies effectively to executive leadership and stakeholders.

Qualifications:

• Bachelor’s degree in information security, Computer Science, or a related field; Master’s degree preferred

• Minimum of 10 years of experience in cybersecurity, with a focus on NIST

• Extensive knowledge of cybersecurity architectures, controls frameworks, Identity and Access, Automation/AI, and program management methodologies

• Proven experience in leadership roles, managing teams, and influencing executive stakeholders

• Experience in managing in an environment with regulatory compliance in NIST, PCI-DSS, SOX, SOC 1/2, CCPA, HIPAA

• Strategic thinker with a strong understanding of cyber threats, vulnerabilities, and risk mitigation options

• Innovative thinker and adaptable to change

• Exceptional communication and presentation skills, capable of translating technical risk into business terms

• Excellent analytical, problem-solving, and decision-making skills

• Relevant certifications such as CISSP, CISM, or similar

California Residents click below for Privacy Notice: