Director of Fraud Escalations

As passionate about our people as we are about our mission.

Why Join Q2?

Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology-and we do that by empowering our people to help create success for our customers.

What Makes Q2 Special?

Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our "Circle of Awesomeness" award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.

SUMMARY

As the Director of Fraud Escalations , you will lead a specialized team responsible for investigating and resolving complex, high-impact fraud cases escalated from banking customers. This role requires strategic leadership, strong problem-solving skills, and a deep understanding of fraud detection, investigation, and resolution within the financial services industry. You will work closely with customer support, risk, legal, compliance, and technology teams to ensure a fast, fair, and secure resolution process for affected customers.

RESPONSIBILITIES
Own multi-year roadmaps, investment cases, and alignment with executive stakeholders
Define and execute the enterprise incident response strategy aligned with risk posture and business needs
Set direction and priorities for the team, translating cybersecurity strategy into executable and measurable plans
Manage operational budgets, vendor relationships, and cross-functional dependencies
Lead and develop a high-performing incident response team with a culture of accountability and continuous improvement
Establish operating rhythms, metrics, and reporting structures to ensure program performance and visibility
Lead major incident response activities, including real-time triage, containment, eradication, and recovery
Facilitate post-incident reviews and drive corrective actions to improve response capabilities and resilience
Maintain and update incident response runbooks, playbooks, and escalation paths with clear roles and RESPONSIBILITIES (RACI)
Coordinate with SOC, threat intelligence, legal, communications, and executive teams during active events
Build and track key performance indicators (KPIs) and key risk indicators (KRIs) to measure and optimize effectiveness
Oversee the design and execution of tabletop exercises to ensure response readiness across the organization
Drive automation and process improvement initiatives to enhance speed, consistency, and scale of incident response
Serve as the primary escalation point for complex or high-impact incidents
Engage in executive-level reporting and communicate cybersecurity risks, incidents, and response strategies effectively

EXPERIENCE AND KNOWLEDGE
Typically requires a Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field and a minimum of 12 years of related experience; or an advanced degree with 8+ years of experience; or equivalent relevant work experience
Typically requires 5-7 years managing and developing employees
Proven leadership in developing and scaling global incident response and cyber defense programs
Expertise in managing complex, high-impact cyber incidents and breaches, including ransomware, insider threats, and nation-state actors
Deep technical knowledge of cybersecurity tools, forensics, malware analysis, and cloud-native incident response
Strong knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, NIST, ISO, SOX, PCI-DSS)
Executive-level communication and crisis management skills, with the ability to brief C-suite and board members during incidents
Demonstrated ability to build high-performing teams and foster a collaborative, empowered culture
Strong analytical, decision-making, and problem-solving skills in time-sensitive situations
Experience with enterprise security tools including SIEM, SOAR, EDR, and threat intelligence platforms
Recognized industry certifications preferred: CISSP, CISM, CISA, GCFA, GCIH, GNFA, or similar

This position requires fluent written and oral communication in English.

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

Health & Wellness

• Hybrid Work Opportunities
• Flexible Time Off
• Career Development & Mentoring Programs
• Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents
• Community Volunteering & Company Philanthropy Programs
• Employee Peer Recognition Programs - "You Earned it"

Click here to find out more about the benefits we offer.

Our Culture & Commitment:

We're proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare-offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (see more). We believe in making an impact-in the industry and in the community.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status.

Applicants in California or Washington State may not be exempt from federal and state overtime requirements