Skip to main content

Sr. Director of Security & Infrastructure

  • Department:
    Engineering
  • Status:
    Full-Time
  • Reports to:
    SVP, Engineering
  • Location:
    Denver, CO

JOB DESCRIPTION:

Exclusive Resorts is seeking a Senior Director of Security and Infrastructure to become a key member of the Engineering leadership team that will be accountable for the overall operation of the organizations network. This position will be responsible for managing and leading the security operations, system access provisioning, and disaster recovery planning and governance. In addition, they will monitor system and data security compliance and threat response remediation in partnership with the Risk Management team, comprised of key Executives.

This role brings current knowledge and a future vision to support the evolution of our core technology operations.  You will lead the improved adoption of new practices and capabilities to propel our overall cybersecurity forward. As a senior stakeholder in all relationships with externally sourced infrastructure and service partners, you will partner with other Engineering leads to understand the business needs of the organization and share new or existing capabilities that can address or improve business operations.

ESSENTIAL ROLES AND RESPONSIBILITIES:

  • Drives the development of enterprise technology standards, information security standards, governance processes and performance metrics
  • Develops, implements, manages operational reporting to demonstrate compliance and identify areas of improvement
  • Accountable to drive and monitor the execution of identified deficiencies or open remediations. Facilitate the development of integrated solutions
  • Serve as a continuous connector and operates through the lens of what can we do to simplify and improve things
  • Build, nurture, and coach a deeply engaged, high-performing team of 4-5 employees
  • Function as a thought leader for the organization - voicing opinions on offerings, areas of growth, and areas of risk, while being open to critique and feedback
  • Senior level oversight for strategic vendor and partner relationship management and input to sourcing strategies
  • Ability to combine entrepreneurial spirit, business, technical and customer interfacing skills
  • Work with leadership to implement and monitor metrics to track success

QUALIFICATIONS:

  • 5+ years’ experience managing AWS, Azure and Salesforce Cloud solutions and migrations from on-premise
  • Certifications CISSP and possibly CISM and SSCP. Deep understanding of GDPR and other privacy compliance
  • AWS Pro Architect certification or equivalent
  • Experience with PCI compliance for small company:  QSA, Pen testing and Hosting
  • Strong expert level networking: VPN and hybrid environments
  • Seven or more years of experience managing IT security operations, cybersecurity areas. Inclusive of patching, Disaster Recovery plan / testing management.
  • Ten or more years of leadership responsibilities, including strategy, budgeting and people leadership
  • 3+ years of experience in enterprise risk management, penetration tester, red team/incident responder, or as a junior security operations analyst
  • 3+ years of experience with regulatory compliance and information security management frameworks (such as International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800)
  • Superior organizational skills, with a disciplined approach to implementation, support and documentation
  • Proven success in building and nurturing teams with a focus on optimizing performance, engagement, and productivity
  • A results-driven leadership style, with the ability to problem-solve and engage the commitment of others in a fast-paced environment
  • Strong program, project, and process management skills
  • Subject Matter Expertise Requirements for Security, Cloud, & Infrastructure Practice
  • Solid understanding of current and emerging disaster recovery, security and threat vulnerability management practices
  • Ability to influence and break down silos within an organization as well across organizations
  • Ability to communicate complex business / technical challenges in a simplified manner