Senior Director, Security

1plusX AG$165K — $220K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Security, or equivalent experience.
  • Security certifications preferred: CISSP, CISM, CISA, or similar.
  • 8+ years in information security, with 3+ years in a leadership role.
  • Deep expertise in AWS cloud security and related best practices.
  • Experience with compliance frameworks like SOC 2 and PCI DSS.
  • Strong background in security operations and incident response.
  • Ability to communicate security risk to non-technical audiences.

Responsibilities

  • Define and execute TripleLift's security strategy and roadmap.
  • Lead and mentor a team of security engineers, fostering a collaborative culture.
  • Own enterprise security architecture across cloud environments and infrastructure.
  • Drive compliance and governance program maturity, maintaining certifications.
  • Oversee security monitoring and incident response capabilities.
  • Partner with Engineering and DevOps to integrate security into the SDLC.
  • Lead vulnerability management and risk assessment programs.

Benefits

  • Medical, Dental & Vision Plans
  • Flexible PTO
  • 401k with employer match
Full Job Description
Overview

The Director / Senior Director of Security plays a critical role in shaping and executing TripleLift's security strategy across our programmatic advertising platform, cloud infrastructure, and enterprise environment. In this position, you will partner closely with Engineering, Product, Legal, and executive leadership to build a mature, scalable security program that protects our customers, partners, and data-while enabling the business to move fast. This is an exciting opportunity for a security leader who wants to own the full security roadmap, grow and mentor a high-performing team, and drive a culture of security-by-design across a complex, cloud-native adtech environment.

Responsibilities
  • Define and execute TripleLift's security strategy, roadmap, and program priorities in alignment with company objectives, risk appetite, and regulatory requirements.
  • Lead, grow, and mentor a team of security engineers spanning cloud/infrastructure security, GRC, and security operations, fostering a collaborative and high-accountability culture.
  • Own the enterprise security architecture across AWS cloud environments, CI/CD pipelines, and corporate infrastructure-ensuring systems are designed, deployed, and maintained according to security best practices.
  • Drive the maturity of TripleLift's compliance and governance program, maintaining and expanding certifications and frameworks including SOC 2, PCI, NIST CSF, ISO 27001, and HITRUST.
  • Oversee security monitoring, threat detection, and incident response capabilities, including SIEM and EDR tooling, incident response playbooks, and post-incident reviews.
  • Partner with Engineering and DevOps to embed security into the SDLC-integrating automated security controls into CI/CD pipelines and promoting secure-coding standards across development teams.
  • Lead vulnerability management and risk assessment programs, including regular audits, penetration testing, and remediation tracking across cloud and application environments.
  • Serve as a key stakeholder and subject matter expert for security-related vendor evaluations, customer due diligence questionnaires, and contract reviews.
  • Communicate security posture, risks, and program progress to executive leadership and the board, translating technical complexity into clear business context.
  • Cultivate a company-wide security awareness culture through training, policy development, and ongoing education programs.


Education & Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related technical field, or equivalent professional experience.
  • Relevant security certifications strongly preferred: CISSP, CISM, CISA, or equivalent.
  • 8+ years of progressive experience in information security, with at least 3 years in a leadership or management role overseeing security engineers or analysts.
  • Deep expertise in AWS cloud security-including IAM, VPC architecture, logging/monitoring, and cloud-native security tooling-with hands-on implementation experience.
  • Demonstrated track record building or significantly maturing a security program, including ownership of compliance frameworks such as SOC 2, PCI DSS, NIST CSF, or ISO 27001.
  • Strong background in security operations: SIEM/EDR management, incident response, threat hunting, and vulnerability management.
  • Experience embedding security into DevSecOps workflows, including IaC (Terraform, CloudFormation), CI/CD pipeline security controls, and secure-coding remediation programs.
  • Proven ability to influence cross-functional stakeholders and communicate security risk in business terms to non-technical audiences including executive leadership.
  • Experience in a fast-paced, cloud-native environment; adtech, martech, or SaaS industry background a plus.
  • Excellent written and verbal communication skills with a track record of building strong relationships across engineering, legal, finance, and go-to-market teams.


US Jobs: The base salary range represents the low and high end of the TripleLift US salary range for this position. Actual salaries will vary depending on factors including but not limited to experience and performance. The range listed is just one component of TripleLift's total compensation package for employees. Other rewards may include bonuses, an open Paid Time Off policy, and many region-specific benefits.

Pay is based on various non-discriminatory factors including but not limited to experience, education, and skills.

Benefits Available to Eligible Employees Include the following*:
  • Medical, Dental & Vision Plans
  • Flexible PTO
  • 401k w/ employer match

*Full-time employees are eligible for comprehensive benefits (subject to the terms of applicable plans/policies/agreements, which will be made available to you after commencing employment).

Salary range transparency

$165,000-$220,000 USD

About 1plusX AG

1plusX AG is a data management platform that provides audience targeting and analytics for digital advertising. The company's platform uses machine learning and artificial intelligence to analyze user behavior and provide insights into audience segments and ad performance. 1plusX's clients include publishers, advertisers, and advertising agencies.
Learn more about 1plusX AG
Size
50 employees
Industry
Founded
2014

Similar Jobs

More Jobs at 1plusX AG

  • Senior Director, Security
    $165K — $220K *
    New York, NY 10025 (New York County)
    Information Technology
    In-Person
  • Account Manager
    $95K — $115K *
    New York, NY 10025 (New York County)
    Business Services
    In-Person
  • Account Manager
    $95K — $115K *
    Chicago, IL 60629 (Cook County)
    Business Services
    In-Person
  • Partner Manager
    $70K — $500K+*
    New York, NY 10025 (New York County)
    Business Services
    In-Person
  • Revenue Marketing Manager
    $80K — $110K *
    Chicago, IL 60629 (Cook County)
    Enterprise Technology
    In-Person

More Information Technology Jobs

Find similar Senior Director, Security jobs: