Senior Director, Security Development and Operations
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
Why Ryan
Hybrid Work Options
Award-Winning Culture
Generous Personal Time Off (PTO) Benefits
14-Weeks of 100% Paid Leave for New Parents (Adoption Included)
Monthly Gym Membership Reimbursement OR Gym Equipment Reimbursement
Benefits Eligibility Effective Day One
401K with Employer Match
Tuition Reimbursement After One Year of Service
Fertility Assistance Program
Four-Week Company-Paid Sabbatical Eligibility After Five Years of Service
Duties and responsibilities as they align to Ryans Key Results
People:
Team Leadership and Development:
- Lead mentor and grow a high-performing team of security practitioners including engineers analysts and architects fostering a culture of continuous learning and collaboration.
- Provide guidance and hands-on training to elevate team capabilities in penetration testing incident response and threat hunting.
- Identify skill gaps promote professional development and ensure alignment of security team activities with organizational goals.
Client:
Security Controls and Solutions Management:
- Develop and maintain foundational security controls and solutions including Endpoint Detection and Response (EDR) SIEM platforms Email Security systems and Cloud Security controls.
- Evaluate select and optimize security technologies to ensure comprehensive threat coverage alignment with regulatory requirements and cost-effective risk reduction.
- Collaborate with stakeholders to ensure solutions integrate seamlessly with existing infrastructure and workflows.
Value:
Secure SDLC and Architecture:
- Partner with engineering product and IT teams to design and maintain a robust Secure SDLC embedding security controls and checks throughout the development pipeline.
- Review and refine security architecture to ensure that applications and infrastructure adhere to best practices and industry standards.
- Integrate automated security testing code analysis and vulnerability scanning into development workflows to minimize risk and accelerate secure code delivery.
Incident Response and Threat Management:
- Oversee the continuous improvement of incident response playbooks and processes ensuring efficient repeatable workflows for detecting and addressing security incidents.
- Direct proactive threat hunting initiatives leveraging threat intelligence advanced analytics and tooling to identify and mitigate risks before they can be exploited.
- Guide the implementation of remediation strategies and assess their efficacy against emerging threats.
Penetration Testing and Security Assessments:
- Establish and evolve a formal penetration testing program ensuring the use of recognized methodologies (e.g. OWASP PTES) and industry-standard tools.
- Ensure the team remains current on penetration testing best practices regularly assessing critical systems applications and infrastructure.
- Oversee the documentation and presentation of penetration testing findings including recommended remediation steps and timelines.
Metrics KPIs and Reporting:
- Define implement and regularly review KPIs and metrics to quantify the effectiveness and maturity of security operations development practices and threat management efforts.
- Communicate program performance and trends to executive leadership along with data-driven recommendations for continuous improvement.
- Maintain transparency and accountability by delivering clear concise reports that highlight progress challenges and opportunities.
Other Threat Management Duties as assigned
Education and Experience:
- Bachelors degree in Computer Science Cybersecurity Information Systems or related field; Masters degree preferred.
- 12 years of progressive experience in cybersecurity including leadership roles overseeing SOC operations secure development practices and proactive threat management.
- Demonstrated success in guiding teams through complex security initiatives and maturing security programs.
Computer Skills:
- Strong proficiency in both Microsoft Windows and Linux operating systems.
- Ability to write and understand code and scripting languages (e.g. Python Bash PowerShell) for automation tooling integration and validation of security controls.
- Understanding of common penetration testing methodologies and primary security assessment tools (e.g. Nmap Metasploit Burp Suite).
- Knowledge of foundational security controls (EDR SIEM Email Security gateways Cloud Security platforms) and their strategic deployment.
- Familiarity with regulatory frameworks compliance standards (e.g. NIST CSF 2.0 SOC2) and industry best practices.
Certificates and Licenses:
- CISSP OSCP CEH GCIH or similar certifications preferred.
- Valid drivers license required.
Supervisory Responsibilities:
- This position will have supervisory responsibilities overseeing multiple security team members and functions.
Equal Opportunity Employer: disability/veteran
#DICE
Required Experience:
Exec
Key Skills
- Employee Relations
- Employee Evaluation
- Management Experience
- Profit & Loss
- Conflict Management
- Operations Management
- Project Management
- Budgeting
- Leadership Experience
- Supervising Experience
- Leadership management
- Financial Planning
About Company
Ryan is a global tax services, software, and technology firm providing an integrated suite of federal, state, local, and international tax services to companies across the world.
