Sr Director - Enterprise Cybersecurity Architecture and Cloud Security

This senior level managing position oversees the development, implementation and maintenance of assigned ITRM process and/or service portfolio by working collaboratively with leadership to develop the ITRM strategy. This role is responsible for staying current with industry trends, benchmarks, and best practices and providing guidance when difficult decisions need to be made.

• Directs the operations of multiple units and departments by identifying customer and operational needs; analyzing resources, costs, and forecasts and incorporating them into business plans; engaging strategic, cross-functional business units to champion and drive support for business plans and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; anticipating and removing obstacles that impact performance; addressing performance gaps and implementing contingency plans accordingly; ensuring products and/or services meet customer requirements and expectations while aligning with organizational strategies; serving as a subject-matter expert and trusted source to executive leadership; and providing influence and consultation in the development of the larger organizational or business strategy.


• Models and drives continuous learning and maintains a highly skilled and engaged workforce by aligning cross-functional resource plans with business objectives; overseeing the recruitment, selection, and development of talent; motivating and empowering teams; building organizational capacity and developing high potential employees for growth opportunities and advancement; staying current with industry trends, benchmarks, and best practices; providing guidance and leadership when difficult decisions need to be made; and ensuring performance management guidelines and expectations align with and drive business objectives and results.


• Effectively communicates technical security findings to non-technical audiences.


• Leads and assists in the development of project strategies, methodologies, and standard processes for moderately to highly complex IT initiatives across multiple security domains by analyzing business and technology requirements to ensure testability and traceability.


• Reviews and signs off on project (e.g., testing, requirements documentation, logical models, etc.) scope and approach, and partners with cross-functional IT and business stakeholders to review and approve the overall project approach.


• Researches and stays abreast of industry trends, emerging threats, best practices, and cutting edge techniques to creatively discover and exploit vulnerabilities, and recommend security solutions for technology systems.


• Serves as an escalation point on issues, dependencies, and risks related to security testing.


• Determines if the necessary skills and knowledge required to meet ongoing and changing business demands exists across business or technical domains, and ensures skill and knowledge gaps are closed through talent development and outsourcing as appropriate.


• Leverages partnerships between security consultants, Program/Project Managers, and other IT planning leaders to drive workforce planning efforts.


• Approves and directs additional staff augmentation through managed service agreements as needed.


• Oversees budgets and capital planning across departments and annual business cycle levels as appropriate.


• Oversees the implementation of and adherence to standardized security tools, templates, and processes to support continuous process improvement across business domains.


• Recommends and advocates for regional and national process or solution design improvements which align with sustainable best practices, and the strategic and tactical goals of the business.


• Provides insight and guidance to ensure solutions are aligned with business strategies, operational work flow, established budgets, and vendor service level agreements.


• Develops trends and high level themes related to lessons learned, and communicates this feedback to stakeholders, leadership, and the larger information security community.


• Collaborates with cross-functional IT teams to gain buy-in and approval of test plans, and tracks quality metrics across testing phases (e.g., SIT, Performance, UAT, Automation, Production, Validation).


• Ensures KPIs are defined, up-to-date, and aligned to higher level organizational KPIs.


• Drives the development of cyber security intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents.


• Directs information sharing and integration procedures across cyber security to ensure the exchange of threat intelligence and cyber security vulnerability assessment data.


• Provides insight and influence to executive management and business leaders on how to remediate issues identified through security testing processes.


• Reviews, evaluates, and prioritizes value gaps and opportunities for process enhancements or efficiencies.


• Establishes a network of partnerships with technology risk teams and business stakeholders to respond to and remediate identified issues, and ensure the best approach for improving security posture.