Director / Senior Director, Information Security Operations & Engineering

NO 3RD PARTIES AT ALL!

Director / Senior Director, Information Security Operations & Engineering (Deputy CISO) USA REMOTE- NORTHEAST RESIDENTS ONLY!

Overview: Handson security leader serving as the operational and technical counterpart to the CISO for a ~750employee midenterprise. Own security execution, incident response, engineering, and maturity uplift. Requires deep technical credibility, strong judgment, and realworld incident experience. Not a compliance or certificationdriven role. Contracttohire potential. In short, you will be the right-hand person to the CISO . MUST BE AN INCIDENT RESPONSE SME-

Core Responsibilities

Security Leadership

• Act as the primary operational partner to the CISO

• Drive security strategy, roadmap, and crossfunctional initiatives

• Translate business risk into practical controls

• Support executive/boardlevel communication

• Improve measurable security maturity

Security Operations & Incident Response

• Lead IR program and act as a senior escalation during incidents

• Enhance detection, containment, eradication, and recovery

• Build playbooks (ransomware, insider threat, BEC, cloud attacks)

• Coordinate with legal, forensics, and cyber insurance

Ransomware Prevention

• Implement layered ransomware defenses

• Strengthen segmentation, PAM, EDR, backups, DR/BCP

• Run tabletop exercises and validate resilience

Cloud & Infrastructure Security

• Lead security across AWS/Azure/Google Cloud Platform, hybrid, onprem, colo

• Secure identity, network, compute, storage, apps

• Improve telemetry, logging, and monitoring

• Partner with Infra/DevOps on secure architecture

Data Protection / DLP

• Build and operationalize DLP strategy

• Improve classification, monitoring, access, and insiderrisk controls

Security Engineering

• Oversee SIEM, EDR/XDR, IAM/PAM, vuln mgmt, email security, network controls, backup/recovery

• Reduce tool sprawl and noise; focus on operational effectiveness

Risk & Maturity

• Conduct practical risk assessments

• Prioritize remediation based on business impact

• Improve policies, standards, governance

• Support audits, customer reviews, and compliance

• Establish meaningful metrics

Required Experience

• 10+ years of progressive security experience

• Senior leadership in security operations/engineering

• Deep handson expertise in IR, ransomware, cloud, infra, IAM, and architecture

• Strong understanding of attacker TTPs

• Proven ability to build/scale security programs

• Strong communication with technical + executive audiences

• High ownership, calm under pressure

Preferred

• Deputy CISO or direct CISOsupport experience

• Hybrid cloud/onprem environments

• Crisis leadership experience

• Tool rationalization experience

• M&A or rapidgrowth environments

What We Value

Judgment, technical depth, realworld experience, operational discipline, calm under pressure, ethics, accountability, ability to execute, and practical not theatrical security leadership.

Engagement

Contract/consulting starts with potential conversion to fulltime. Highvisibility role with enterprisewide impact.