Director-Cyber Security- Network & Digital Edge Security

About The Position

Requirements

• 10+ years of experience in cybersecurity, with deep expertise in Application Security, Edge Security, or Digital Channel Protection.
• 5+ years of leadership experience managing cybersecurity engineering or operations teams.
• Strong knowledge of web architectures, APIs, CDNs, WAF technologies, reverse proxies, and cloud-native security controls.
• Experience defending against bot attacks, account takeover, scraping, and DDoS campaigns.
• Proven track record leading major cyber incidents and cross-functional crisis management.
• Strong executive communication and stakeholder engagement skills.

Nice To Haves

• Experience in financial services or other highly regulated environments.
• Expertise in zero trust architecture and cloud-native edge protection models.
• Familiarity with behavioral analytics and ML-driven threat detection.
• Multi-cloud experience (AWS, Azure, GCP).
• Relevant certifications (CISSP, CISM, CCSP, GIAC).

Responsibilities

• Strategy & Leadership: Define and execute the enterprise strategy for Application & Edge Security , including WAF, bot mitigation, API security, DDoS protection, and CDN/edge controls.
• Build and lead high-performing engineering and cyber defense teams.
• Partner closely with Product, Digital Engineering, Cloud, Infrastructure, Fraud Risk, and Architecture teams to embed security-by-design principles.
• Provide executive-level visibility into digital channel risks, resilience posture, and mitigation effectiveness.
• Engineering & Architecture: Lead architecture and lifecycle management of: Web Application Firewalls (WAF) Bot management and automated threat mitigation platforms DDoS defense (L3/L4 and L7) Edge/CDN security controls
• Integrate behavioral analytics, telemetry, and ML-driven detection capabilities to reduce fraud and abuse.
• Ensure secure design patterns are embedded into customer-facing applications and APIs.
• Operations & Resilience: Establish and manage KPIs/KRIs for: Credential stuffing and account takeover attempts Scraping and automation abuse Application-layer attacks (OWASP Top 10) Volumetric and protocol-based DDoS threats
• Lead incident response for high-severity edge or application-layer attacks.
• Continuously improve detection accuracy while minimizing customer friction.
• Risk & Governance: Align controls with enterprise cybersecurity standards and regulatory expectations.
• Provide structured reporting to risk committees and senior leadership.
• Ensure third-party and vendor risk management across edge security providers.
• Support audits, regulatory exams, and control attestations as required.

Benefits

• Competitive base salaries
• Bonus incentives
• 6% Company Match on retirement savings plan
• Free financial coaching and financial well-being support
• Comprehensive medical, dental, vision, life insurance, and disability benefits
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
• 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities