Collectors is hiring a
Senior Director

Summary

Join Collectors as a Senior Director of Information Security to lead the charge in safeguarding our organization’s technological assets. This remote role requires 10+ years of security leadership experience, with a strong understanding of network and system security technology and practices. The salary range is $220,000-$320,000.

Requirements

• 10+ years in security leadership
• 5+ years of experience working with public clouds (AWS-preferred, Azure, GCP) and infrastructure security. DevOps experience is a plus (Terraform, Kubernetes, etc.)
• Experience in building, mentoring, and leading security teams, promoting a culture of security awareness
• Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other relevant information security certifications are a plus
• Strong understanding of network and system security technology and practices, including firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
• Experience with risk management methodologies and ensuring compliance with laws and regulations such ISO 27001, NIST, SOC 2, HIPAA, GDPR, etc. Experience with international data protection laws for global organizations is a plus
• Experience managing internal and external audits, coordinating compliance initiatives, and overseeing remediation efforts
• Experience with emerging technologies such as AI and machine learning in the context of enhancing security postures
• Proven ability to enhance operational efficiency in monitoring, detection, and response to security threats. Demonstrated experience in incident response and digital forensics
• Demonstrated experience managing relationships with a range of stakeholders, from technical experts to senior leaders to board members
• Strong communication and interpersonal skills, capable of effectively articulating complex security risks and controls to stakeholders, including cross-functional and non-technical partners

Responsibilities

• Develop and drive a comprehensive security strategy aligned with the company’s business objectives and technology roadmap
• Collaborate with the CTO and senior leaders to integrate security considerations into technology planning and decision-making processes
• Provide expert guidance on emerging security threats and trends, advocate for security best practices, and champion security initiatives across the organization
• Manage stakeholder relationships, acting as the primary point of contact for security-related issues and ensuring effective communication with all levels of the organization including technical SMEs, VPs, board members and non-technical stakeholders
• Manage the cybersecurity budget, optimize resource allocation, and leverage cost-effective solutions, including open-source tools
• Consult with our Privacy and Legal Team during security audits to ensure compliance
• Oversee the design and implementation of robust security architectures for both on-premises and cloud-based environments
• Ensure that security solutions and technologies enhance the company’s overall security posture and align with industry standards
• Integrate security throughout the software development lifecycle and IT infrastructure, incorporating best practices and innovative approaches to strengthen security measures
• Formulate and enforce security policies, procedures, and standards that adhere to industry best practices and regulatory requirements
• Identify, assess, and mitigate security risks across the organization, ensuring alignment with relevant laws and regulations (e.g., GDPR, CCPA, ISO 27001)
• Coordinate internal and external audits, manage compliance initiatives, and oversee remediation efforts to address audit findings and compliance gaps
• Lead the development and automation of incident response playbooks and runbooks to enhance operational efficiency and minimize manual efforts
• Be an escalation point and ensure effective monitoring, detection, and response to security incidents

Benefits

• Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision
• Additional Benefits: Full-time employees are eligible for fertility, commuter, and educational assistance benefits
• 401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals
• Vacation: All salaried employees are eligible for flexible time-off
• Holiday Pay: All regular, full-time employees are eligible for ten company paid holidays
• Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activities