Director of Cybersecurity

The Director of Cybersecurity is a critical, hands-on leadership position responsible for developing the company's security strategy while actively protecting its information assets. This role requires a unique blend of strategic vision and deep technical expertise. The ideal candidate will be responsible for driving key security initiatives, leading a team of professionals, and personally investigating complex security events. You will collaborate with and influence leaders across the business to ensure information security risks are prioritized, assessed, and managed effectively.

Strategic Leadership & Planning

• Consult with IT and business leaders to align the cybersecurity strategy with NFI’s long-term and short-term business objectives.

• Develop and manage a 3-year rolling roadmap for all areas of responsibility to guide the evolution of the security program.

• Serve as an active member of the Architecture Review Board, evaluating and advising on security for all hardware and software purchases.

• Stay abreast of current technologies and industry security trends to improve business effectiveness and defend against emerging threats.

• Establish strong working relationships with key stakeholders to ensure alignment on priorities and achieve buy-in for security initiatives.

Team Leadership & Development

• Effectively lead and mentor one or more diverse teams within IT, clearly communicating expectations and appraising results against measurable goals.

• Ensure teams have the necessary resources, including technology, skills, and headcount, to achieve departmental objectives.

• Provide direct reports with consistent access to professional development opportunities.

• Conduct annual performance reviews and collaborate with employees to develop goals that support core IT and business objectives.

• Engage and manage external specialist resources as necessary.
  

Technical Security & Risk Management

• Perform hands-on vulnerability assessments and penetration tests to identify, troubleshoot, and remediate network and system vulnerabilities.

• Develop and manage secure network solutions designed to protect the organization against advanced persistent threats.

• Execute and mature the Identity and Access Management (IAM) program, applying principles such as Least Privilege and Role-Based Access Control (RBAC) in a complex environment.

• Apply a strong understanding of risk management concepts, GRC, and industry frameworks like ISO and NIST to mature the overall cybersecurity program.

Security Operations & Incident Response

• Plan, develop, and present high-tech solutions to defend against hacking, malware, ransomware, and insider threats.

• Oversee the monitoring of computer networks to identify security issues and anticipate potential security breaches.

• Lead the investigation, documentation, and analysis of security breaches and cyber incidents to determine the source of the issue and assess the damage caused.

• Prepare and deliver progress reports to management on project status and any deviation from goals.

Required Experience & Skills

• 10+ years of relevant experience is preferred.

• BA/BS degree is strongly preferred; comparable work experience will be considered.

• Proven experience in the management of security projects and complicated security issues.

• Deep understanding of Identity and Access Management (IAM) principles and processes.

• Strong knowledge of technologies and methods across IT systems and information security, including GRC and industry frameworks such as ISO and NIST.

Key Competencies

• Exceptional verbal and written communication skills, with experience writing high-quality documentation (technical, policies, procedures) for a wide range of audiences.

• Ability to present with confidence to different audiences and articulate complex technical concepts in both technical and non-technical terms.

• Must be able to work well with others and promote a highly collaborative work environment.

• Demonstrated ability to be self-motivated, multi-task, and juggle multiple priorities to ensure successful completion of all objectives.

• Strong analytical thinking, troubleshooting skills, and the ability to work with a wide range of technologies.

• Must conduct oneself with the utmost integrity and practice a high degree of ethical judgment.

We are excited to share that the base salary range for this position is $155,329.20 - $207,105.60. This position is also eligible for an annual discretionary bonus, targeted at 3%. NFI takes into consideration applicants' qualifications, experience, education, and geographic location when determining a starting rate of pay.

Employees are also eligible for a robust benefit program, which includes Medical, Dental, Vision, Prescription Drug Coverage, 401k Plan, Wellness Program, Life Insurance, Paid Time Off, and Paid Parental Leave, among other benefit plan options.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

LA County Applicants: The Company will consider qualified applicants, including those with criminal histories, in a manner consistent with applicable state and local laws.