PSA
• $212K — $312K *Qualifications
Responsibilities
Benefits
We’re looking for an Information Security Director to join our Cybersecurity team to prioritize the right risks for the organization and partner with cross functional stakeholders to ensure security is incorporated into all aspects of the business.
You’ll report to the VP of Engineering, Information Security and Platforms. Collectors is committed to utilize cybersecurity, risk and privacy best practices across our environment to protect our customers, employees and our brand.
Remote or hybrid candidates will also be considered. We believe that there is significant value in in-person collaboration. If you live within a 1 hour commuting distance to one of our offices, you will be required to be onsite most of the time. This will be discussed further as part of the recruiting process.
What You’ll Do:
Lead the information security program across application security, cloud security, security operations, and GRC, serving as the operational leader responsible for refining and driving the information security roadmap into executed outcomes. We’re focused on ensuring that we’re prioritizing risk reduction over checkbox security and proactively incorporating emerging threats and trends.
Own the security operations function, including detection and response, threat intelligence, incident management, and SOC maturity, ensuring the organization can rapidly identify, contain, and recover from security events.
Drive the application security program, embedding secure development practices, code analysis tooling, and vulnerability management into the SDLC in close partnership with product and platform engineering teams.
Establish and mature cloud security capabilities, defining and enforcing security standards across cloud environments including architecture review, configuration management, workload protection, and cloud-native detection and response.
Oversee governance, risk, and compliance activities, including regulatory and framework alignment (SOC 2, ISO 27001, NIST, HITRUST, or similar), risk assessment processes, policy lifecycle management, and audit coordination.
Partner with Internal Platform teams to define and implement appropriate security guardrails within the environment.
Build and maintain the organization's security risk register, providing the stakeholders with clear, data-informed visibility into the threat landscape, control gaps, and residual risk across the enterprise.
Collaborate cross-functionally with engineering, IT, legal, and privacy stakeholders to embed security into organizational processes and decision-making rather than operating as a gatekeeping function.
Define and track security KPIs and program metrics — such as mean time to detect/respond, vulnerability remediation SLAs, and compliance posture — to measure program effectiveness and define target risk postures across applications.
Lead, develop, and scale a high-performing security organization, managing team leads across multiple disciplines, investing in professional development, and building a culture that balances security rigor with operational pragmatism.
Who You Are:
An experienced security leader with 10+ years in information security, including 5+ years leading security teams across multiple disciplines and at least 2+ years managing managers or cross-functional security functions.
Broad and deep across the security domain. You've built or matured programs spanning AppSec, CloudSec, SecOps/IR, and GRC — and you're comfortable operating across all of them without losing depth in any single area.
Strong in security operations and incident response. You've led or directly overseen SOC teams, detection engineering, and incident response processes, and you understand what it takes to build a mature, metrics-driven detection and response capability.
Technically credible in cloud and application security. You have hands-on familiarity with securing cloud environments (AWS, Azure, or GCP), modern application architectures, CI/CD pipelines, and container-based workloads, and you can engage meaningfully with engineering teams on technical trade-offs.
Well-versed in governance and compliance frameworks. You've led organizations through SOC 2, ISO 27001, NIST CSF, HITRUST, or similar frameworks and can manage audit cycles and regulatory requirements without letting compliance become the sole definition of security.
A strategic partner to the CISO. You're skilled at operationalizing security strategy, translating executive-level priorities into roadmaps and team-level execution, and surfacing risk with clarity and context.
Collaborative by default. You build productive relationships with engineering, IT, legal, and privacy teams, and you approach security as an enabling function rather than a blocker — while still holding firm on non-negotiable standards.
Metrics-oriented and outcome-driven. You use data to measure program health, prioritize investment, and communicate risk to technical and non-technical audiences alike.
A strong people leader and culture builder. You attract and retain top security talent across disciplines, create clear career pathways, and foster an environment where analysts, engineers, and GRC professionals all feel ownership over the mission.
A clear, confident communicator who can brief executives on risk posture, walk engineering teams through threat models, and represent the security organization in cross-functional forums with equal effectiveness.
Salary Range:
The salary range for this position is $212,000 to $312,000. Actual compensation on this range varies based on a variety of non-discriminatory factors, including location, job level, experience, and skill set. This role may be eligible for bonuses, commissions, or other forms of compensation, please ask your recruiter for details.
Reasons To Join Us:
Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision.
Additional Benefits: Full-time employees are eligible for fertility, commuter, and educational assistance benefits.
401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals.
Vacation: All salaried employees are eligible for flexible time-off.
Holiday Pay: All regular, full-time employees are eligible for ten company paid holidays.
Employee Discounts: Employees receive discounts on select grading services for approved submissions.
Flexible Hours: Many of our teams offer flexible schedules with varying shifts and will work with you to accommodate your needs.
Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activities.
Additional Resources: Collectors Tech Blog, PSA.
Similar Jobs






More Jobs at PSA
More Information Technology Jobs
