Sr. Director, Cybersecurity
Skills
- Hands-on leadership across AppSec, Product Security, Cloud and Infrastructure Security
- Incident response, forensics, and 24x7 on-call experience
- Vulnerability management, pentesting and red team experience
- Cloud security expertise (AWS and cloud architecture reviews)
- Experience with SIEM, detection engineering and security monitoring
- Scripting and automation experience (Python, Go, JavaScript, Ruby)
- Familiarity with enterprise tooling: GitHub, Crowdstrike, DataDog, Cloudflare, Heroku, JAMF
- Strong knowledge of compliance frameworks: SOC2, ISO27001/27018, NIST 800-53v4
- Experience with data governance, data flows and secure system architecture
- Excellent communication, stakeholder engagement and team leadership
Responsibilities
- Define and execute Bugcrowd’s overall cyber security strategy and roadmap
- Assess corporate technology systems and recommend/implement security enhancements
- Evaluate technical aspects of vendor acquisitions and security tooling with IT and compliance
- Design, implement and continuously improve security controls across cloud, infra, and applications
- Partner with GRC to design and implement policies/procedures for SOC2, NIST 800-53v4, ISO27001, ISO27018, and FedRAMP
- Represent Bugcrowd during internal and external audits for SOC2 and ISO standards
- Manage Bugcrowd’s bug bounty program and support client-facing bounty standards
- Review new features for secure architecture and testing prior to development and launch
- Manage access controls and authorization for production systems (GitHub, AWS, Tableau, etc.)
- Audit cloud infrastructure and assist with secure architecture design
- Manage and audit vulnerability scanning programs (Qualys, Nessus) and remediation workflows
- Perform code reviews, penetration testing, and automated security checks in CI/CD
- Automate security tasks and tooling to identify and remediate issues (Python, Go, JS, Ruby)
- Operate and build detection capabilities (SIEM) and lead 24x7 incident response/on-call rotations
- Perform threat intelligence, malware analysis, and forensic investigations as required
- Coordinate red team engagements and implement mitigations for findings
- Develop security awareness materials and run tabletop exercises and business continuity testing
- Present findings to the ISMS committee and represent technical controls for ISO27001
- Lead, hire, mentor and grow an internal cybersecurity team with measurable objectives
Education
- Bachelor’s degree in Computer Science, Cybersecurity, MIS or equivalent experience preferred
- Relevant professional certifications (CISSP, CISM, OSCP, GIAC) are desirable
Benefits
- 100% remote work
- Competitive base salary with discretionary bonus eligibility
- Inclusive, collaborative culture and professional development support
- Standard employee benefits (medical, dental, vision) and paid time off
- Opportunities to work with leading security researchers and cutting-edge security tech
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Experienced Windows/AD engineer needed to lead enterprise Windows Server and Active Directory operations, automate at scale with PowerShell, and support Exchange messaging at a Tier 3 level for onsite work in Washington, DC.
Experienced Salesforce Administrator needed to support global users, manage account data and hierarchies, and monitor integrations for a leading technology consulting firm in the media and advertising space.
Wiz is hiring a Public Sector Architect to drive FedRAMP/DISA-compliant cloud security architecture and lead federal authorization efforts across AWS, Azure, and GCP for U.S. government customers.
Experienced physician informaticist needed to lead Epic optimization, clinician engagement, and digital strategy as CMIO at a world‑leading cancer center.
Experienced learning design leader sought to manage a team creating scalable, user-centered learning experiences that enable successful technology implementations across HUB International.
Provide first-line IT support for two Mercedes-Benz dealership locations in the Richmond area, troubleshooting hardware, software, and user access while escalating complex issues to senior IT staff.
Lead mission-critical manufacturing IT operations and projects for a major metal-products manufacturer, ensuring uptime, compliance, and alignment with business goals.
Senior Application Analyst needed to lead design, testing, and production support for OHSU's Epic Resolute HB application and enterprise coding workflows.
Support Fort Worth city staff as an IT Help Desk Technician providing phone and email troubleshooting, ticket management, and Active Directory administration in a hybrid, public-sector environment.
Peraton is hiring a Systems Administrator in Herndon to own enterprise PKI and HID/CAC infrastructure, lead upgrade projects, and ensure high availability and security of critical systems.
First American is hiring a Senior Business Systems Analyst to lead Salesforce-driven sales and marketing automation and integrations that optimize customer journeys and drive measurable business results.
Experienced cloud security engineer needed to define and enforce organization-wide cloud security policies and secure infrastructure across cloud, networking, and application domains for a mission-driven US-based organization.
Lead RMF A&A and cloud security efforts for DoD clients, driving ATO packages, risk mitigation, and secure architecture decisions at Booz Allen.
We build innovative, crowd-powered solutions that connect the creativity of the global security community to the global market. Our Vision A radical cybersecurity advantage. Our Values • Simple is strong • Respect is the key • Happy Customer...
1 jobs
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
