Director Associate Information Security

OverviewJoin an amazing team that is consistently recognized for our achievements and culture, including our most recent Forbes award of being one of America's Best Midsize Employers for 2026!We are seeking a Associate Director, DevSecOps Security Operations Center (SOC). This role will lead our information security monitoring and response posture through 24x7x365 monitoring, detection, and response. You will drive our DevSecOps Security Operations Center — built on low-false-positive alerting, automated response, and AI — to the next level of maturity.The ideal candidate is experienced with anticipating threats, enhance advanced prevention capabilities, and leverage deep expertise in data, tooling, integrations, and team development to stay ahead of evolving risks. This role requires a strong people leader that also has experience leading Managed Security Service Providers (MSSP), Managed Data Detection & Response (MDDR), and Endpoint Detection & Response (EDR) teams. You will lead your security services using a distributed model under consolidated leadership (YOU).If you work and think at this next level of security leadership, we want to hear from you.Geo-Salary InformationAn in-person interview may be required during the hiring processState specific pay scales for this role are as follows:$118,078 to $330,661 (CA, NJ, NY, WA, HI, AK, MD, CT, RI, MA)$118,078 to $330,661 (NV, OR, AZ, CO, WY, TX, ND, MN, MO, IL, WI, FL, GA, MI, OH, VA, PA, DE, VT, NH, ME)$118,078 to $330,661 (UT, ID, MT, NM, SD, NE, KS, OK, IA, AR, LA, MS, AL, TN, KY, IN, SC, NC, WV)The expected base salary for this position will vary depending on a number of factors, including relevant experience, skills and location.ResponsibilitiesEssential Job Functions:The essential function of this position is to be accountable as an information security architect for supporting the information security program within IT and business initiatives.Management and leadership of Information Security personnel.Provide Information Security subject matter expertise and security consulting to IT projects and initiatives using information security standards, best practices and approaches, with an emphasis on application security.Develop Information Security requirements across the enterprise for data protection, network protection, and application protection and compliance with regulatory requirements for protection of information.Conduct threat analysis for systems or applications including analysis of current and known security exposures, planning for remediation of exposures, staged and planned penetration testing, vulnerability assessment and analysis of results.Conduct research on best practices, emerging technologies and threats as it relates to Information Security.Act as subject matter expert on security related control testing, control remediation and incident response.Other functions that may be assignedQualificationsEducation:Bachelor of Science Degree in Information Technology or equivalent professional experience.CISSP certification or equivalent is highly desirable.SANS certifications or equivalent are desirable.CISA or additional security certifications are desirable.Experience:Minimum:22 - 25+ years of work experience in multiple fields of Information Technology with an emphasis on Information Security.12+ years of this experience, directly in the Information Security field.5+ years experience in a leadership/management role directly leading people. Preferred: Available to be on-call in support of leading a 24x7x365 SOC environment.Working experience with Intrusion Detection, Firewall Monitoring, System Monitoring.Working experience and ability to conduct application / system Penetration Testing / OWASP using industry standard tools.Extensive knowledge of Security Policy, Standards, Guidelines, and Process Development.Detailed knowledge of secure architectures and their design.Knowledge and Skills:Experience in an Commander role in security Incident Response processes.Detailed knowledge of web application development (Java, .Net, Secure configurations).Working experience collaborating with development teams to understand and remediate application security vulnerabilities.Working experience and ability to conduct network vulnerability testing and remediation.Working experience and ability to conduct Threat Analysis.Strong knowledge of Virus, Worms and Other Malware (Prevention/Detection) and Incident Response.Strong knowledge of Encryption / Tokenization / Key Management.Strong knowledge of access control technologies.Excellent knowledge of Operating systems and platforms (UNIX, Windows, Virtualization, etc.).Working knowledge of network security (Routing, switching, TCP/IP, DNS, Architecture, WLAN).Working knowledge of state privacy laws and the PCI DSS. Ability to work with all levels of personnel within the IT department and departments external to IT, in a dynamic and challenging environment.Must consistently maintain a professional demeano