Director of Information Security

About This Role

Lead a team of security professionals, work cross-functionally with business and technology stakeholders, and drive a culture of security awareness. This hands-on Director of Information Security role will oversee risk assessments, incident response, compliance, and the continuous improvement of security operations for an American fitness company.

Responsibilities

• Lead a team of security professionals
• Work cross-functionally with business and technology stakeholders
• Drive a culture of security awareness throughout the organization
• Oversee risk assessments
• Oversee incident response
• Oversee compliance
• Oversee continuous improvement of security operations
• Ensure organizational compliance with applicable regulations and frameworks such as SOC 2, ISO 27001, NIST CSF, HIPAA, GDPR, PCI-DSS, and CCPA
• Manage incident response, vulnerability management, and security operations at scale

Requirements

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field
• 10+ years of progressive experience in information security
• 5+ years in a leadership or management role
• Deep expertise in security frameworks and standards (NIST, ISO 27001, CIS Controls, MITRE ATT&CK)
• Demonstrated experience managing incident response, vulnerability management, and security operations at scale
• Strong understanding of cloud security (AWS, Azure, GCP), network security, application security, and identity management
• Proven ability to communicate complex security concepts to non-technical audiences, including C-suite executives and board members

Qualifications

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field
• 10+ years of progressive experience in information security, with at least 5 years in a leadership or management role

Skills

* Required skills