Director, Cybersecurity

About The Position

Requirements

• Strategic vision and leadership in cybersecurity
• Advanced knowledge of information security frameworks, risk management, and regulatory compliance
• Strong analytical, problem-solving, and decision-making skills
• Excellent verbal and written communication; ability to present complex concepts to diverse audiences
• Adaptive mindset; ability to thrive in dynamic, fast-paced environments
• Stakeholder engagement and cross-functional collaboration
• Experience with policy development, gap analysis, and change management
• Master’s degree in Cybersecurity, Information Technology, or related field preferred; or equivalent experience
• 15+ years of progressive experience in cybersecurity, including 10+ years in leadership roles
• Proven track record of developing and executing large-scale cybersecurity strategies
• Experience managing teams, budgets, and complex projects
• Strong understanding of IT operations, digital transformation, and business processes
• Experience with cloud platforms (Azure, AWS) and SaaS security.
• Knowledge of zero trust, DevSecOps, and secure SDLC.
• Board-level communication skills and experience influencing senior leadership.
• Experience building security awareness programs and driving a security-first culture.
• Exemplify each of our Lovesac values, at all times, be results driven and utilize knowledge to meet or exceed key performance indicators (KPIs), goals and deadlines.
• Must be able to travel using various forms of transportation, as required by the Company in its sole discretion, for mandatory meetings and conferences held either at our offices or offsite (i.e. quarterly team connection weeks, companywide meetings and events, vendor visits).
• Must comply with all policies and procedures outlined in the Lovesac Employee Handbook and work collaboratively with fellow employees, treating all clients, both internal and external with dignity and respect at all times.

Nice To Haves

• Experience in furniture, home goods, lifestyle, or other high-consideration consumer categories.
• Certifications such as CISSP, CISM, or equivalent
• Demonstrated ability to influence senior leadership and drive organizational change

Responsibilities

• Develop and execute a comprehensive cybersecurity strategy aligned with business objectives and regulatory requirements.
• Communicate the cybersecurity vision and strategy across the organization; motivate teams to achieve high standards of security and compliance.
• Lead, mentor, and develop a high-performing cybersecurity team; foster a culture of innovation, accountability, and continuous learning.
• Provide regular updates to executive leadership and the Board on cybersecurity posture, risks, and mitigation strategies.
• Oversee risk assessments, incident response, and vulnerability management programs.
• Ensure operational compliance with relevant external regulations (e.g., GDPR, CCPA, SOX) and internal policies.
• Lead the development and implementation of cybersecurity policies, procedures, and guidelines.
• Oversee third-party/vendor risk management and supply chain security.
• Ensure alignment with industry standards such as NIST CSF and PCI DSS.
• Manage and maintain cybersecurity systems, infrastructure, and tools to protect against cyberattacks, intrusions, malware, and data breaches.
• Horizon scanning: Identify emerging threats, technologies, and trends; evaluate their impact and recommend proactive measures.
• Oversee security architecture, network security, endpoint protection, and identity management.
• Lead adoption of cloud security best practices and zero trust principles.
• Drive integration of security into digital transformation initiatives and secure software development lifecycle (SDLC).
• Collaborate with IT, business units, and executive leadership to integrate cybersecurity into digital transformation initiatives.
• Engage with stakeholders to understand needs, communicate risks, and drive adoption of security best practices.
• Lead cross-functional teams in incident response, crisis management, and business continuity planning.
• Serve as executive lead during major security incidents; oversee root cause analysis and lessons learned.
• Set and monitor performance objectives for the cybersecurity team and vendors; report on key metrics and outcomes.
• Manage departmental budgets, resource allocation, and vendor relationships.
• Continuously assess and improve organizational capability, readiness, and maturity in cybersecurity.
• Establish and track KPIs, KRIs, and maturity models to measure program effectiveness and ROI on security investments.

Benefits

• Annual Bonus Program
• Annual and Inaugural Grant Equity Awards
• 401K Matching Contribution
• Financial Wellness Tools
• Medical, Dental, Vision
• Health Savings and Flexible Spending Accounts
• Paid Parental Leave
• Life/AD&D
• Short Term and Long-Term Disability
• Critical Illness and Accident Insurance
• Employee Assistance Program
• Up to 160 hours of paid time off within our fiscal calendar year, prorated from date of hire, 8 paid company recognized holidays.
• Pet Insurance and generous Associate Discounts.