Mark43 - Director, Cyber Security
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• We're looking for a seasoned cybersecurity leader who can balance strategy and execution in a fast-moving, highly accountable environment. • 10+ years of cybersecurity experience, with at least 4–5 years in a leadership role managing teams in a cloud or SaaS environment • Deep, hands-on experience leading programs across security operations, application security, IAM, vulnerability management, and data protection • A real track record of building and running metrics-driven security programs — you should be able to walk us through your dashboards and what they tell you • Experience working in regulated and customer-facing environments with frameworks such as FedRAMP, NIST, CJIS, HIPAA, or similar; experience in public safety or government technology is a plus • Proven ability to lead complex, cross-functional initiatives across Security, Engineering, Product, IT, GRC, and executive stakeholders • Comfort with AI and automation tools as part of a modern security program • Strong written and verbal communication skills, with the ability to turn technical issues into clear plans, decisions, and strategies • Based in or willing to relocate to the Boston area, with the ability to come into the office several days per week • People who thrive in this role tend to be: • Data-driven leaders who use metrics to improve, not to protect themselves • Strategic and pragmatic, with a strong instinct for where to invest and how to move • Collaborative and influential — able to build trust and credibility with technical teams who will challenge them • Champions of automation and AI as tools that make security teams more effective • Calm under pressure, especially when incidents or competing priorities create ambiguity • Visible and present as a leader — not heads-down managers, but someone the whole company knows and trusts • Mission-driven, with a clear understanding of why secure, reliable technology matters for the communities we serve • Our Privacy Notice describes how Mark43 uses and protects the personal information of prospective employees during the recruitment process. It informs you about our handling of the personal information you provide to us when you apply for a position in our organization and in general when you express your interest in joining our team. • As a part of Mark43's security measures all employees must: Engage in appropriate use of the company's electronic information resources; Become knowledgeable about and follow relevant security policies and guidelines; Protect the resources under their control, such as passwords, computers, and data that they create, receive, or download; and Promptly report security-related incidents and violations, and responding to official reports of security incidents involving their systems or accounts.
Responsibilities
• Security Strategy & Roadmap Ownership • Build, own, and drive a multi-year cybersecurity roadmap that is tied to business priorities and risk reduction — not just reactive tasks • Serve as the internal face of the cybersecurity program; every team at Mark43 should know who you are, understand the strategy, and know to come to you first • Translate complex security challenges into clear plans and decisions for engineering teams, product leaders, and executive stakeholders • Partner with Engineering, Product, and IT to embed security into systems, workflows, and decision-making from the start • Metrics, Data & Continuous Improvement • Lead with data. Build and maintain a metrics program that tracks Security Operations ticket volume, themes, and SLAs; vulnerability aging and remediation rates; incident response investigation counts and patterns; and other KPIs that reflect the health and progress of the program • Use that data to drive decisions, identify trends, and push the team to improve — not to justify headcount requests without evidence • Regularly report on program health to leadership with clear, honest analysis of where we are and where we need to go • Challenge the team to do more with what we have before asking for more resources • Automation & AI-Driven Security • Champion the use of automation and AI tools across security operations, vulnerability management, and threat detection — with appropriate human-in-the-loop controls where needed • Identify practical opportunities to reduce manual work, speed up response times, and improve coverage through smart tooling • Build a culture within the security team that sees AI as an opportunity, not a threat to avoid • Stay current on AI-related security risks and work with GRC and Product on responsible AI governance • Security Operations & Incident Response • Lead and mature the Security Operations function, ensuring coverage, responsiveness, and quality across alerts, investigations, and escalations • Strengthen incident readiness through clear runbooks, escalation paths, tabletop exercises, and post-incident reviews that actually improve the program • Own the incident response lifecycle and ensure the team is always practicing, not just planning • Advance vulnerability management with a data-driven approach to prioritization, remediation tracking, and risk-based decisions • Application Security, IAM & Data Protection • Drive progress across application security, identity and access management, vulnerability management, and data protection programs • Partner closely with R&D and Product teams who have strong security knowledge — earn their respect through credibility, not just authority • Evaluate and respond to risks related to AI integration, new product features, and emerging technologies • Compliance & Customer Trust • Work with GRC and customer-facing teams to support audit readiness, security reviews, and customer assurance efforts across FedRAMP, NIST, CJIS, and other applicable frameworks • Help prioritize security investments and remediation based on risk, compliance requirements, and business impact • Team Leadership & Culture • Coach and develop leaders and team members across the security function, building a culture of ownership, accountability, and execution • Create an environment where the team is proud of their data, their metrics, and their results — not just their effort
No credit card. Takes 10 seconds.