Job Title: Director, Security Location: Remote/Hybrid - USA Reports to: Chief Information OfficerDepartment Name: Information TechnologyPosition Type:
Full Time, ExemptPosition SummaryThe Director, Security is responsible for establishing and leading Rubicon's enterprise security strategy to protect date, ensure regulatory compliance, and safeguard the integrity of the SaaS platform and partner ecosystem. Reporting to the Chief Information Officer, this role oversees the development and enforcement of security policies, risk management frameworks, and governance structures, while directing day-to-day security operations. Working cross-functionally with Technology, Operations, and business stakeholders, this leader drives continuous improvement in security posture, operational resilience, and audit readiness.
Essential Duties & Key Responsibilities- Direct the development and enforcement of enterprise security policies and roadmaps to safeguard data and ensure compliance across our SaaS platform.
- Develop, implement, and evolve a comprehensive risk management control framework designed to proactively safeguard our platform and partner ecosystem against both current and emerging risks; establish enterprise-level KPIs that provide Leadership with visibility into technical risk posture and operational health.
- Oversee day-to-day security activities, including: vulnerability management; incident response; identity access management; infrastructure, endpoint, and network security; and SOC operations.
- Lead the evolution of governance efforts utilizing industry frameworks; manage security audits and lead cross-functional teams to mitigate deficiencies and ensure satisfactory assessments.
- Assess security monitoring and develop programs to ensure the operational resilience of critical infrastructure in alignment with enterprise-wide business continuity objectives.
- Establish and refine a scalable governance architecture that aligns our security posture with appropriate standards while rationalizing redundancies, optimizing controls, and reducing operational overhead while maintaining rigorous oversight.
- Lead multi-disciplinary task forces and collaborate with various stakeholders to implement change management and improve compliance while managing risk exposure.
- Build, lead, and develop a high-performing team.
- Set clear goals, priorities, and performance expectations; ensure accountability.
- Provide regular coaching, feedback, and performance management.
- Drive employee engagement, team culture, and a positive work environment.
- Lead hiring, onboarding, and employee development efforts.
- Ensure compliance with company policies, practices, and partner with HR on employee matters.
- Ability to travel and/or work onsite up to 10% on an annual basis.
- Perform other duties as assigned or apparent.
Supervisory Responsibilities:- This job has direct and indirect supervisory responsibilities
Experience & Qualifications:- High School Diploma and Bachelor's degree in Security, Cybersecurity, Computer Science, Business or a related field required.
- In lieu of a degree, 10+ years of experience in information security, IT risk, compliance, auditing, or a related role.
- Proven experience managing audits and coordinating with external assessors and regulators.
- Broad exposure to cybersecurity and compliance processes and activities, including security strategy, incident response, threat and risk assessment, network security, and operational resilience.
- A comprehensive suite of certifications is highly preferred, including CISM, CISSP, CISA, CPA, and CRMA.
- Strong verbal and written communication skills, with the ability to translate technical and compliance risks into business impact.
- The ability to act and operate appropriately in both a remote and in-office setting.
- Ability to work cooperatively and collaboratively with all levels of employees and management to maximize performance, creativity, problem solving, and results.
- Strong organizational skills with the ability to manage multiple priorities and deadlines.
- A proactive, can-do attitude with a willingness to take ownership of tasks and drive them to completion.
- Travel and/or onsite work will be on up to 10% on an annual basis.
Physical Demands and Working EnvironmentThe physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform the functions.
- While performing the duties of this job in both a home and office setting, the employee is regularly required to work on a computer for extended periods of time.
- Frequent use of a computer requires fine motor skills and hand-eye coordination.
- Ability to sit for extended periods while working from home, in the office, or a designated workspace.
- Ability to perform tasks that require sustained attention and focus.
- Occasional lifting of materials up to 25 pounds.
- Travel to attend team meetings and company events is required. Travel may include local, regional, or overnight trips and may require the ability to travel by car, plane, or other means of transportation.
- To facilitate working from home, and as a requirement for this role, the employee must provide reliable internet connection with sufficient bandwidth to execute all job functions and technology setup conducive to remote work. The company laptop will be provided.
- When working onsite, the employee will collaborate with colleagues in a typical office environment, which may require navigating office spaces, attending in-person meetings, and using shared office equipment.
- A quiet, distraction-free workspace is required for maintaining productivity.
- Collaboration with team members may occur through both virtual meetings and on-site interactions.