Senior Director, Engineering, Cybersecurity

Strava - San Francisco, CA

posted 5 months ago

Full-time - Senior
San Francisco, CA

About the position

Strava is seeking a highly experienced Senior Director of Cybersecurity to lead and enhance our cybersecurity strategy and operations. This role is essential in ensuring the protection of our digital assets, networks, and data. The ideal candidate will possess deep technical expertise, strategic vision, and exceptional leadership skills to drive our cybersecurity initiatives and implement a robust defense-in-depth strategy. As the Senior Director of Cybersecurity, you will play a critical role in protecting our digital assets, networks, and data. Your deep technical expertise, strategic vision, and exceptional leadership skills will drive our cybersecurity initiatives and implement a robust defense-in-depth strategy. This is your chance to make a significant impact in a world-class organization. This is a Hybrid role based in our San Francisco office.

Responsibilities

  • Develop and implement a comprehensive cybersecurity strategy aligned with the organization's goals and objectives.
  • Offer guidance and vision to the organization, ensuring the adoption of widely accepted approaches and industry norms, including defense-in-depth principles.
  • Stay abreast of emerging cybersecurity threats, trends, and technologies to proactively address potential risks.
  • Identify, assess, and prioritize cybersecurity risks across the organization.
  • Develop and implement policies, procedures, and protocols to mitigate identified risks through a defense-in-depth approach.
  • Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, CCPA, ISO 27001, NIST).
  • Be responsible for the development and execution of incident response programs, ensuring timely and effective resolution of cybersecurity incidents.
  • Lead post-incident analysis to identify root causes and implement corrective actions.
  • Collaborate with colleagues and external partners to ensure effective incident response activities.
  • Oversee the management and maintenance of security tools and technologies, including firewalls, intrusion detection/prevention systems, and SIEM solutions.
  • Monitor and analyze security alerts and events, ensuring appropriate response and reporting.
  • Perform regular security assessments, vulnerability scans, and penetration testing to identify and address security weaknesses, using defense-in-depth methodologies.
  • Ensure application security by integrating security practices into the software development lifecycle, conducting code reviews, and implementing secure coding standards.
  • Lead and mentor a team of software engineering and cybersecurity professionals, encouraging a culture of continuous learning and improvement.
  • Attract, nurture, and develop top cybersecurity talent to cultivate a team that consistently displays exceptional performance.
  • Develop and implement educational programs to enhance employee understanding of cybersecurity practices and policies.
  • Collaborate with teams from various departments, such as IT and legal, to ensure cybersecurity initiatives are aligned.
  • Communicate cybersecurity risks, strategies, and progress to executive leadership and the board of directors.
  • Serve as a key contact for external partners, auditors, and regulators regarding cybersecurity matters.

Requirements

  • Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Minimum of 15 years of experience in cybersecurity for a highly regulated industry (e.g., finance, healthcare, energy), with at least 5 years in a leadership role.
  • Proven track record of developing and implementing successful cybersecurity strategies, including defense-in-depth.
  • Strong understanding of cybersecurity frameworks, standards, and effective approaches.
  • Extensive knowledge of threat intelligence, risk management, and incident response.
  • Excellent leadership, communication, and interpersonal skills.
  • Relevant certifications such as CISSP, CISM, CEH, or equivalent.
  • Solid experience in project management and familiarity with implementing cybersecurity programs.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service