Director of Security

🕒 vor 1 Monat

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Crete Professionals Alliance

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

Crete Professionals Alliance (Crete PA) ist ein kooperatives Netzwerk von Buchhaltungs- und professionellen Dienstleistungsunternehmen. Das Crete PA-Modell ist darauf ausgelegt, die Kraft lokaler Marken und Kulturen mit nationalen Plattformfähigkeiten zu kombinieren, um Wachstumschancen für das Geschäft und Karrieremöglichkeiten für unsere Mitarbeiter zu schaffen. Mit unserer Partnerschaft gilt: Wenn das Unternehmen gewinnt, gewinnen wir alle. #TeamCrete

Beschreibung

• Own the enterprise information security, compliance & business continuity program across Crete (corporate) and all member firms. • Build standardized, scalable security controls, governance, and operations across multiple independent control environments. • Define the multi-year security strategy and roadmap across Crete and member firms in a federated model. • Establish and maintain the security policy framework, standards, and minimum control baseline across all firms. • Build security operating rhythms and executive reporting: KPIs, risk posture, incident trends, audit/compliance status, and program progress for Crete leadership and firm leaders. • Partner with IT, data, and engineering leadership to embed security into operations, architecture decisions, and change management across the portfolio. • Lead security diligence for M&A: current-state control assessments, key risk identification, remediation estimates. • Drive security integration of new firms (people/process/technology) across separate environments. • Provide security architecture oversight for cloud and hybrid environments with emphasis on Azure, Intune, and Microsoft Defender. • Oversee day-to-day security operations: vulnerability management, patch/risk prioritization, endpoint and email security, tooling lifecycle, and event triage. • Manage third-party MDR/SOC providers and drive continuous improvement of monitoring outcomes. • Own the incident response program end-to-end: runbooks, tabletop exercises, ransomware preparedness. • Implement consistent risk management across firms – periodic assessments, control testing, remediation tracking. • Support member firms with client-driven security and compliance requirements (NIST CSF, CIS, SOC 2 Type II). • Lead security awareness and training programs tailored to professional services workflows. • Lead, coach, and develop the cybersecurity team.

🎯 Anforderungen

• 10+ years of progressive experience in information security or cybersecurity. • 3+ years leading and developing security teams. • Demonstrated M&A, private equity, or roll-up experience. • Strong understanding of cloud security principles with hands-on Azure and Microsoft security experience. • Experience managing and governing compliance standards (NIST, CSF, CIS, and SOC2 Type II preferred) • Experience managing business continuity programs and lifecycle • Microsoft Azure/Intune experience • Experience managing third-party security services (MDR/SOC, IR retainers, testing vendors). • Proven ability to design and run a complete enterprise security control program. • Excellent stakeholder management and executive communication skills. • Bachelor’s degree or equivalent experience; security certifications preferred (CISSP). • Professional services experience and/or accounting and CPA firm experience strongly preferred.

🏖️ Vorteile

• Offers Bonus