Director, Cyber Defense & Response - Data Security

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, Cybersecurity, or a related field preferred.
• 8+ years of experience in cybersecurity with a strong focus on data security, data protection, and governance.
• Demonstrated experience leading enterprise or global data security programs and managing security teams.
• Strong understanding of data protection principles aligned with industry best practices and frameworks.
• Experience implementing and managing data security controls such as data classification, access control, encryption, data loss prevention (DLP), and monitoring of data usage.
• Hands-on experience with security technologies used to protect and monitor data, including SIEM, CASB, DSPM, and cloud security platforms.
• Familiarity with regulatory and privacy requirements impacting data protection (e.g., GDPR, HIPAA, CCPA) and their associated control expectations.
• Ability to conduct data risk assessments, control gap analysis, and remediation planning to strengthen protection of sensitive information assets.
• Strong leadership, communication, and stakeholder management skills, with the ability to collaborate across IT, Security, Privacy, Compliance, and Risk functions.
• Proven ability to handle sensitive and confidential information with discretion and sound judgment.
• Business acumen and the ability to make risk-based decisions that balance security, regulatory obligations, and operational needs.
• Commitment to continuous learning and professional development to stay current with evolving data security threats, technologies, and regulatory requirements.

Nice To Haves

• GIAC Certified Forensic Analyst (GCFA)
• GIAC Cloud Forensics Responder (GCFR)
• GIAC Cloud Forensics Responder (GCFR)
• Certified Information Systems Security Professional (CISSP)
• AWS Security Specialty

Responsibilities

• Build, mentor, and manage a team of data security specialists responsible for monitoring and investigating data security incidents.
• Develop and maintain data security policies, standards, and procedures aligned with company policies and standards.
• Partner with key stakeholders to support efforts around identification and classification of data assets.
• Ensure appropriate protection mechanisms such as encryption, access controls, and DLP are implemented.
• Support data security risk assessments and control gap analysis to identify exposures affecting sensitive data.
• Oversee monitoring and detection capabilities to identify potential data loss, misuse, or unauthorized access.
• Direct response activities for data security incidents, including investigation, containment, remediation, and reporting.
• Partner with IT, Risk, Compliance, and Privacy teams to ensure secure data handling, storage, and transmission practices.
• Support education and awareness initiatives to promote responsible data handling.
• Provide executive reporting on data risk posture, security metrics, and program maturity.
• Continuously evaluate emerging threats, regulatory changes, and industry practices to enhance the data security program.
• Drive continuous improvement of detection, investigation, and prevention capabilities in alignment with leading practices.
• Operate effectively in ambiguous and complex situations, independently assessing risk, making timely decisions, and applying a flexible, solutions-oriented approach to resolve insider risk challenges.
• Continuously develop professional expertise by completing relevant training and pursuing industry-recognized certifications to stay current with evolving insider risk, cybersecurity, and investigative practices.

Benefits

• Market competitive base salaries, with a yearly bonus potential at every level.
• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave.
• 401(k) plan with company match (up to 4%).
• Company-funded pension plan.
• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.
• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.
• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.
• Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance.