Job purpose The Director - Global Cybersecurity is responsible for managing and maturing the cybersecurity program for Lightera. The scope of the role includes cybersecurity governance, risk, and compliance, security controls and policies, network security, endpoint protection, vulnerability management, security awareness and training, security information and event management (SIEM), and security operations. What will you do? * Establish and maintain information security policies and procedures. * Oversee implementation and maintenance of an information security framework (NIST CSF 2.0). * Assist in developing the annual audit plan with Internal Audit. * Perform annual information security risk assessments. * Direct information security risk assessment activities and response actions. * Manage and develop team knowledge on GRC and data privacy matters. * Define and drive the Security Strategy. * Identify and remediate control weaknesses for compliance. * Lead ongoing security training and awareness program. * Lead incident response, cybersecurity analysis, and SOC operations. * Drive implementation of automation and process efficiencies. * Manage 3rd party cyber risk exposure and vendor security assessments. * Lead security experts and strategic security planning. * Coordinate external resources for the information security program. * Coordinate information security projects and vulnerability assessments. * Provide security guidance for IT projects. * Support client due diligence and audit assessment activities. * Report threat intelligence metrics and KPIs to senior leadership. * Lead incident management and defense coordination. * Evaluate new security services, software, and technology. * Ensure timely renewals of service contracts. * Develop and maintain relationships with key stakeholders. * Monitor and analyze cyber security threats and trends. * Travel both domestically and internationally up to 20% * Other duties and projects as assigned. What do you need to know? To excel in this role, the individual must demonstrate proficiency in each essential duty. The requirements listed below represent the necessary knowledge, skills, and abilities. Reasonable accommodations will be made to enable individuals with disabilities to perform these functions. * Strong understanding and knowledge of computer, network, and security systems. * Expertise in information security, governance, risk management, and compliance. * Solid organizational skills with the ability to multi-task, prioritize workloads, and delegate responsibilities. * Effective stress management in a constantly changing environment. * Excellent judgment and quick decision-making abilities, with innovative thinking in complex situations. * High level of integrity, trustworthiness, and professionalism, representing the company at the highest level. * Strong analytical skills, effectively interpreting and applying applicable regulations and requirements. * Familiarity with common security frameworks such as NIST, ISO, and SOC. * Experience with Microsoft Active Directory and cloud computing, including Microsoft 365, Azure, and AWS. * Knowledge of network security, including architecture, SIEM, IDS, and firewall solutions. * Experience with anti-virus, MDR, and EDR solutions. * Knowledge of Data Loss Prevention. Critical Experience & Qualifications * Bachelor's degree in computer science, information technology, cybersecurity or a related field. * Certifications in information systems security professional (CISSP) or certified information security manager (CISM) or other relevant certifications. * 10 years of experience in IT and/or cybersecurity, with at least 5 years in a leadership role overseeing security operations, risk management, and compliance. * Expertise with information security standards and frameworks including but not limited to ISO27001, NIST, SANS, Cyber Essentials and CMMC. * Demonstrated expertise and leadership in risk frameworks * Strong background in contract negotiations, particularly legal language regarding audits, compliance, and security provisions * Certification as a CISSP, CISA, or other GIAC or related certification(s) desired * Project management experience desirable * Technology experience in a variety of IT environments What do we offer? * Open culture and challenging opportunity to satisfy intellectual needs * Flexible working hours * Smart working: hybrid remote/office working environment * Work-life balance * Excellent, dynamic and multicultural environment * Remote working environment