Job Description

We are seeking a Director of Cybersecurity to lead and mature the organization’s enterprise security posture. This role is responsible for setting cybersecurity strategy, overseeing security operations, managing risk and compliance initiatives, and partnering closely with IT, executive leadership, and business stakeholders.

The ideal candidate brings a strong mix of hands-on technical security experience and strategic leadership , with the ability to translate risk into business impact and guide the organization through evolving cyber threats.

Key Responsibilities

Cybersecurity Strategy & Leadership

• Own and execute the organization’s cybersecurity strategy, roadmap, and long-term security architecture.
• Serve as the senior authority on cybersecurity risk, advising executive leadership and business partners.
• Build, lead, and mentor internal security resources and/or managed security providers.

Security Operations & Risk Management

• Oversee day-to-day security operations, including incident response, vulnerability management, threat detection, and remediation efforts.
• Lead incident response planning, tabletop exercises, and post-incident reviews.
• Establish and maintain security policies, standards, and procedures aligned with industry best practices.

Infrastructure, Cloud & Application Security

• Partner with IT infrastructure, cloud, and application teams to embed security across on-prem and cloud environments.
• Ensure secure configurations across networks, endpoints, identity systems, and business-critical applications.
• Guide secure design and review of new systems, integrations, and vendor solutions.

Governance, Risk & Compliance (GRC)

• Own cybersecurity risk assessments, audits, and compliance initiatives (e.g., SOC 2, ISO 27001, NIST, HIPAA, or similar frameworks as applicable).
• Manage third-party/vendor security risk assessments.
• Maintain security documentation, metrics, and executive-level reporting.

Collaboration & Communication

• Translate technical security risks into clear, actionable business insights for non-technical stakeholders.
• Partner with legal, compliance, HR, and business leadership on security awareness and policy enforcement.
• Drive organization-wide security awareness and training programs.

Required Qualifications

• 8+ years of progressive experience in cybersecurity, information security, or IT risk management.
• 3+ years in a leadership or senior management role (Director, Manager, Lead, or equivalent).
• Strong understanding of:
• Network, endpoint, identity, and cloud security
• Incident response and vulnerability management
• Security frameworks and risk management methodologies
• Proven experience working with executive leadership and cross-functional teams.
• Ability to balance strategic planning with hands-on guidance and oversight.

Preferred Qualifications

• Experience leading security programs in mid-size or growing organizations.
• Background supporting hybrid or cloud-first environments (Azure, AWS, or similar).
• Familiarity with regulatory or compliance-driven environments.
• Relevant certifications such as CISSP, CISM, CRISC, or equivalent.

Why This Role

• High-impact leadership position with visibility across the organization.
• Opportunity to shape and mature the cybersecurity function.
• Competitive compensation up to $170,000 base plus comprehensive benefits.
• Stable, long-term role based in Paoli, PA , with flexibility for hybrid work depending on business needs.

Job Tags

Similar Jobs