Director of Information Security - CIVIX

Key Responsibilities

• Define and execute the company’s information security strategy, ensuring alignment with business objectives and regulatory requirements.
• Lead security governance, risk management, and compliance programs across cloud, on‑premises, and SaaS environments.
• Oversee security operations, incident response, and threat intelligence to protect corporate and customer data.
• Collaborate with Engineering, Product Management, and Cloud Operations to embed security controls throughout the software development lifecycle.
• Drive product security initiatives, including secure design reviews, threat modeling, and vulnerability management.
• Report security posture and risk metrics to executive leadership and board stakeholders.

Requirements

• 10+ years of progressive experience in information security, with a proven track record in enterprise security leadership.
• Deep expertise in cloud security (AWS, Azure, GCP), SaaS security, and security operations.
• Strong knowledge of governance, risk, and compliance frameworks (ISO 27001, NIST, SOC 2, GDPR).
• Excellent communication skills, able to translate technical concepts to non‑technical stakeholders.
• Hands‑on experience with secure software development practices and threat modeling.