Director, Information Security

Job not on LinkedIn

November 4

Apply Now

Receive Emails with Similar Jobs

Michael Saunders & Company

WebsiteLinkedInAll Job Openings

Real Estate • Luxury • eCommerce

Michael Saunders & Company is a licensed real estate broker based in Sarasota, Florida, specializing in luxury real estate services. With nearly 50 years of experience, the company operates 17 real estate offices and employs over 600 agents across Sarasota, Manatee, and Charlotte counties. They offer a range of services including buying and selling homes, title insurance, rental services, and relocation assistance, while also being partnered with Forbes Global Properties to provide exclusive opportunities in the luxury market.

501 - 1000 employees

Founded 1976

🏠 Real Estate

🛍️ eCommerce

📋 Description

• Define and lead Suzy’s security roadmap, spanning endpoint, identity, network, and cloud domains. • Serve as a trusted advisor to leadership on security risk and technology priorities. • Foster a company-wide culture of security through education, influence, and automation. • Partner with the GRC lead to ensure technical controls map effectively to compliance frameworks. • Own the security strategy for Suzy’s global workforce footprint, including offshore vendor engagements, ensuring consistent security posture across diverse geographies, device management practices, and access models. • Own identity governance and access control within Azure Entra ID. • Design and enforce RBAC, group-based access, and conditional access policies — ensuring no direct access assignments. • Oversee access review cycles, privileged identity management (PIM), and lifecycle automation tied to HR systems. • Continuously refine authentication and authorization mechanisms to support zero-trust principles. • Oversee MDM operations via macOS and Windows (e.g., Kandji, Intune) to ensure configuration compliance, patch management, and device hardening. • Manage and optimize EDR solutions (e.g., CrowdStrike, SentinelOne) for proactive threat detection, response, and telemetry integration. • Drive automation of device onboarding, policy enforcement, and endpoint health reporting. • Collaborate with IT to ensure all endpoints align with Suzy’s security baselines. • Lead deployment and tuning of Zscaler and Netskope to secure web traffic and prevent data exfiltration. • Create adaptive DLP policies balancing protection and business enablement. • Integrate DLP and SASE event data into centralized monitoring and alerting pipelines. • Partner with engineering and operations to optimize traffic routing and data protection across the environment. • Own Suzy’s SIEM infrastructure (Azure Sentinel or equivalent), including rule creation, correlation logic, and escalation workflows. • Oversee vulnerability assessments, penetration tests, and incident detection and response processes. • Lead and document incident response activities, including post-incident reviews and corrective action plans. • Manage security vendor relationships, ensuring effective integration and performance of managed services. • Work closely with Suzy’s product and engineering teams to conduct business continuity and disaster recovery testing and readiness. • Oversee cloud workload protection and posture management through Orca Security, Wiz, or equivalent CNAPP platforms. • Monitor and remediate cloud misconfigurations, vulnerabilities, and IAM risks. • Collaborate with DevOps to integrate CNAPP insights into CI/CD pipelines for continuous risk reduction. • Guide secure architecture reviews for new cloud deployments and application integrations.

🎯 Requirements

• 5+ years of experience in information security, with ideally 2 years in a management or leadership capacity. • Proven experience leading or contributing to enterprise security programs across endpoint, identity, and cloud domains. • Deep understanding of ISO 27001, SOC 2, ISO 42001, and NIST frameworks. • Strong communication and leadership skills with the ability to translate technical risk to business impact. • Demonstrated ability to build and scale teams, prioritize initiatives, and drive measurable results. • Certifications such as CISSP, CISM, SSCP, or Azure Security Engineer Associate (AZ-500). • Hands-on experience with MDM (Kandji, Intune), EDR (CrowdStrike, SentinelOne), DLP/SASE (Zscaler, Netskope), SIEM (Azure Sentinel or equivalent), Azure Entra ID (RBAC, Conditional Access, PIM), and CNAPP (Orca, Wiz). • Experience integrating tools with SIEM/SOAR platforms for end-to-end automation. • Familiarity with GitHub Advanced Security, secret scanning, and secure code practices. • Experience leading tabletop exercises and developing IR playbooks.

🏖️ Benefits

• We take care of our employees and their families. We have generous health dental and vision benefits, and our 401K plan vests immediately • A friendly, fun, and collaborative work environment that allows for frequent exposure to executives • The opportunity to make an immediate impact as a part of a fast-growing company