
Director of Cybersecurity and Compliance
Century Interactive, Dallas, Texas, United States, 75215
Job Type
Full-time
Description
We're a SaaS leader in the retail automotive industry, offering solutions that empower dealerships to optimize operations and enhance customer experience. As we continue to grow, we're committed to maintaining the highest standards in cybersecurity and compliance. We're looking for a Director of Cybersecurity & Compliance to join our leadership team and drive security and compliance initiatives across the organization.
Please note: Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.
About the Role
The Director of Cybersecurity & Compliance will oversee our information security program, ensuring our organization aligns with all relevant cybersecurity standards and regulations. As a hands-on leader, you will develop and implement security policies, conduct risk assessments, manage a small team, and engage with other departments to ensure security is embedded in all areas of our operations. This role's first major project will be leading our organization through its first SOC 2 Type 2 audit.
Requirements
Key Responsibilities
- Develop and lead the security and compliance program, embedding security throughout the company's processes.
- Cultivate a culture of security awareness, providing training and guidance to foster secure practices across all teams.
- Advise executive leadership on cybersecurity risks, trends, and compliance obligations.
- Develop and maintain security policies, standards, and controls, ensuring they align with regulatory requirements and best practices.
- Conduct regular risk assessments, compliance audits, and manage remediation efforts.
- Integrate security practices into the software development lifecycle, applying DevSecOps principles.
- Lead the company's first SOC 2 Type 2 audit, overseeing readiness and remediation for certification.
- Act as a hands-on leader during security incidents and be directly involved in technical tasks as needed.
- Configure and manage cybersecurity tools (e.g., SIEM, IAM, EDR) and oversee incident response and monitoring.
- Lead penetration testing and vulnerability remediation efforts.
- Partner with cross-functional teams to build and secure data, products, and systems.
- Manage customer communications on security and compliance matters, ensuring transparency and trust.
- Brief executive leadership on any changes in relevant regulations or frameworks (e.g., SOC 2, ISO 27001, HIPAA, GDPR, CCPA).
Skills & Experience Required
- 6+ years of experience in cybersecurity and compliance roles with progressive responsibilities.
- CISSP, CISM, CISA, or similar certifications.
- Proven experience with SOC 2 audits and managing other common compliance frameworks (ISO 27001, HIPAA, CCPA, GLBA, etc.).
- Background in developing, implementing, and managing a comprehensive security program.
- Strong understanding of cybersecurity technologies, tools, and DevSecOps principles.
- Hands-on experience managing risk assessments, incident response, and tool configuration.
- Skilled at balancing strategic planning with hands-on execution; able to mentor and guide a team while engaging directly in technical solutions.
- Strong communicator with the ability to engage technical and non-technical stakeholders.
What We Offer
- Competitive compensation package, including immediate PTO
- Comprehensive health and dental insurance
- 401(k) with company match
- Wellness benefits, including monthly gym, wellness, and reading allowances
- Professional development through a company-wide Udemy subscription
- Catered breakfast Thursdays, Employee of the Month rewards, quarterly company events, weekly happy hours
- A collaborative and growth-oriented environment