Job Description
Position: Director, Global Information and Security & Cybersecurity
Location: Denver, CO or San Francisco, CA
Travel: 10-20%
Compensation: $160,000 – 190,000/year + bonus
THE POSITION:
· The Global Information Security and Cybersecurity Director, will be responsible for developing, implementing, and maintaining comprehensive information security and cybersecurity programs to safeguard the company’s Information Technology (IT) and Operational Technology (OT) infrastructure, systems, networks, and data from cyber threats and other security risks. This role will work closely with cross-functional teams including IT, operations, and compliance to ensure the confidentiality, integrity, and availability of data and systems, and to comply with relevant laws, regulations, and industry best practices.
· Develop and implement global information security and cybersecurity policies, procedures, and standards for the OT , including but not limited to access controls, data classification, encryption, incident response, and risk management.
· Monitor and assess the data center’s information security and cybersecurity posture on an ongoing basis, and identify and address potential vulnerabilities, threats, and risks in a timely manner.
· Conduct regular security audits, vulnerability assessments, and penetration testing of data center systems, networks, and applications, and develop and implement remediation plans as needed.
· Manage and oversee the day-to-day operation of security technologies such as firewalls, intrusion detection/prevention systems, antivirus/malware solutions, security information and event management (SIEM) systems, and other security tools.
· Collaborate with the IT and OT operations teams to ensure that security controls and best practices are implemented in the design, deployment, and operation of systems, including network security and system hardening.
· Develop and deliver information security and cybersecurity awareness and training programs for employees and contractors and promote a culture of security awareness and compliance throughout the organization.
· Manage and respond to information security incidents, including conducting investigations, coordinating with relevant stakeholders, and implementing appropriate remediation measures to mitigate the impact of security incidents.
· Stay updated on the latest information security and cybersecurity trends, threats, and technologies, and provide recommendations to senior management for continuous improvement of the company’s information security and cybersecurity programs.
· Work with the global compliance team to ensure compliance with relevant global laws, regulations, and industry standards such as GDPR, HIPAA, PCI DSS, ISO 27001, SOC, and NIST Cybersecurity Framework, and maintain documentation and evidence of compliance.
MUST-HAVE QUALIFICATIONS:
· Bachelor’s degree in computer science, information technology, or a related field. Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
· Proven global experience (at least 5 years) in information security and cybersecurity management, preferably in a data center or critical infrastructure environment.
· Strong knowledge of information security and cybersecurity principles, practices, technologies, and frameworks, including but not limited to access controls, network security, encryption, risk management, and incident response.
· Familiarity with relevant laws, regulations, and industry standards such as GDPR, HIPAA, PCI DSS, ISO 27001, SOC, and NIST Cybersecurity Framework, and ability to translate these requirements into practical security controls and practices.
· Possess experience and qualifications around OT systems (SCADA, BMS, EPMS, DCIM).
· Experience in managing security technologies such as firewalls, intrusion detection/prevention systems, SIEM systems, antivirus/malware solutions, and other security tools.
· Strong analytical, problem-solving, and decision-making skills, with the ability to assess and mitigate security risks and incidents in a timely and effective manner.
· Excellent communication skills, both verbal and written, with the ability to communicate complex security concepts to technical and non-technical audiences.
· Ability to work independently and collaboratively in a fast-paced and dynamic environment and manage multiple priorities and projects simultaneously.
· Strong leadership skills, with the ability to lead and mentor a team of IT professionals, and work effectively with cross-functional teams and senior management.
THIS MIGHT BE RIGHT FOR YOU IF:
· You’re a strong communicator, equally comfortable in the boardroom as the data center hall. You’re persuasive and clear, blending data with decision-making.
· You don’t get flustered easily. You can juggle multiple priorities while balancing urgent requests with shifting timelines and deliverables.
· You’re committed to continual learning. You’re knowledgeable on regulations and industry standards for IT frameworks while keeping up to date through networks and industry resources.
· We offer a competitive compensation package with strong benefits, including medical, dental, and vision insurance, a 401K program, flexible spending accounts – even a cell phone subsidy.
· We foster a culture of appreciation, including an appreciation rewards program.
· Fun is part of our DNA, with events, game nights, and barbecues.
· We’re growing – this is a great time to join and make an impact!
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, age, national origin, mental or physical disability, genetic information, veteran status, or any other status protected by federal, state, or local law
< Back to Job Search