Director of Cybersecurity

Posted: 12/01/2025

Job Summary

We are seeking a highly technical, data-driven Director of Cyber Security to serve as the right-hand implementor to our CISO. This is a strategic, hands-on role focused on building our Security Operations Center (SOC) from the ground up as an automated audit and observability engine for the entire organization. Your primary mission is to partner with IT, Operations, and Engineering to define the "what" and "why" of our security requirements, particularly for our critical data center infrastructure (OT/BMS, multi-tenant networks). You will then design and build the systems to continuously audit these requirements, transforming metrics from all assets into clear, actionable reports. These reports will be a key tool to show all departments where they are falling short, help them prioritize mitigation, and provide high-level visibility to leadership and the board to act as a forcing function for resource allocation and risk acceptance.

 


 

 

Responsibilities

1. SOC & Security Observability (The "Audit Engine")

  • Lead the architecture, build-out, and management of our modern, data-centric Security Operations Center (SOC).

  • Develop and manage a security data pipeline, performing ETL (Extract, Transform, Load) operations to aggregate metrics from disparate sources (e.g., Cloudflare, Fortinet firewalls, network switches, BMS/OT sensors) into a clean, unified view for analysis.

  • Leverage industry-standard tooling (such as Prometheus, Grafana, and other common ETL tools) to collect, store, and visualize time-series security data, feeding it into the central SOC platform.

  • Integrate security metrics from CI/CD pipelines and web application protection systems (e.g., WAF, DDoS mitigation) into the central SOC platform for continuous monitoring and analysis.

  • Integrate performance and uptime metrics from critical web applications into the central SOC platform for continuous monitoring and analysis, identifying and mitigating potential reliability issues.

  • Implement and mature our incident response (IR) and vulnerability management programs, using the SOC's data to prioritize real-world risks.

2. Automated Governance & Requirements Definition

  • Partner with IT and Operations to define and codify security requirements for all critical infrastructure, including:

      • Operational Technology (OT): Building Management Systems (BMS), HVAC, power, and cooling controls.

      • Corporate & Cloud IT: Endpoints, servers, and cloud environments.

  • Act as a subject matter expert by recommending specific, hardened configurations for key tools, including firewall rule-sets, Cloudflare Security Center settings, and Google Cloud (or other) security best practices.

  • Use the SOC's observability platform to create automated, continuous audits that measure compliance against these defined requirements.

  • Support the CISO in all GRC-related activities (ISO 27001 and SOC 2) by providing evidence, operational feedback, and using the compliance frameworks as a data source to measure control maturity.

3. Data-Driven Reporting & Risk Mitigation

  • Serve as the CISO's key operational partner in executing the organization's security roadmap, with a focus on rolling out the CIS Controls framework.

  • Generate and present clear, high-level reports for executive leadership and the Board of Directors.

  • These reports will clearly identify systemic risks, departmental gaps in compliance, and resource/prioritization needs, serving as a forcing function to drive mitigation.

  • Work collaboratively with department heads to help them understand their specific shortfalls and build plans for remediation.

4. Leadership & Collaboration

  • Build productive bridges with Operations and Engineering, acting as a solutions-driven partner, not a blocker

  • Lead, mentor, and grow a high-performing team of security analysts and engineers

  • Translate high-level security goals into actionable project plans, timelines, and data-driven KPIs

 


 

Qualifications

Required:

  • Experience: 5+ years in a senior cyber security role

  • SOC/Observability: Demonstrable, hands-on experience building and/or managing a modern Security Operations Center (SOC) and security stack (SIEM, SOAR, EDR, etc.).

  • Data Expertise: Proven experience in building data pipelines and performing ETL operations to collect, transform, and normalize security metrics.

  • Tooling Familiarity: Hands-on experience with common observability and data pipeline tools such as Grafana, Prometheus, Logstash, or similar technologies.

  • Leadership: Proven ability to be an "implementor" and a "doer"—not just a strategist.

  • Collaboration: Exceptional communication skills, with the ability to influence and build consensus with both technical (Ops/Eng) and non-technical stakeholders.

 

Preferred (Highly Desired):

  • Knowledge of web application security, including WAF and DDoS protection.

  • Hands-on experience with the SOCFortress stack or similar open-source security platforms.

  • Knowledge of industry standard security frameworks, particularly the CIS Controls and NIST Cybersecurity Framework (CSF).

  • Familiarity with open-source GRC or security management tools like CISO Assistant.

  • Technical background in network engineering, cloud security, or systems administration.

  • Strong understanding of data center operations and the associated security principles (e.g., network segmentation, isolation of BMS/BAS devices).

  • Experience with CI/CD security best practices and tools

  • Firm grasp of multi-tenant security architecture, including logical isolation (e.g. virtualization, network segmentation, zero trust) and physical access controls.

  • Relevant professional certifications (e.g., CISSP, CISM).

 

Physical Requirements:

There are no physical requirements per se; at the same time, this role does require cognitive stamina, including:

  • Must be able to work in a high-stakes, fast-paced environment and make critical decisions under pressure

  • Demonstrated ability to lead and maintain focus during extended incident response scenarios

  • This role requires high levels of mental acuity and resilience to manage concurrent, complex security challenges

Requirements
  • Security Operations Center (SOC) Architecture: 5 - 10 years
  • ETL and Data Pipeline Development: 3 - 7 years
  • Incident Response Management: 4 - 8 years
  • Strategic Leadership: Good - Excellent
  • Cross-Departmental Collaboration: Good - Excellent
Nice to Have
  • Compliance Frameworks (ISO 27001, SOC 2): 3 - 6 years
  • Cloud Security (Google Cloud): 2 - 5 years
  • Data-Driven Decision Making: Good - Excellent
