Lead the execution of XTIUM's enterprise security program, including governance, policy, standards, and control improvement plans.
Own the day-to-day operation of the cyber risk register, including risk intake, scoring, action planning, escalation, and executive reporting.
Direct the Security Manager and coordinate outcomes across ESD, Ascent, and other internal or external stakeholders.
Partner with the CIO, CTO, Delivery, and Product leaders to align security priorities with architecture, operations, and roadmap decisions.
Drive compliance and assurance activities, including customer questionnaires, audit support, evidence collection, and control narratives.
Establish security metrics and operating reviews that track detection, remediation, incidents, exceptions, and control maturity.
Support incident response leadership by guiding decision-making, communications, root-cause follow-up, and corrective actions.

Requirements

8+ years of progressive information security experience, including leadership across security operations, GRC, architecture, or program management.
Experience building or scaling security programs in an MSP, MSSP, managed services, or other technology services environment.
Strong working knowledge of NIST CSF, risk management practices, compliance frameworks, and customer assurance requirements.
Experience owning third-party security partner relationships, including MSSP, MDR, SOC, TVM, or penetration testing providers.
Ability to communicate risk, priorities, and trade-offs clearly to executives, technical leaders, auditors, and customers.
Familiarity with cloud and SaaS security concepts, identity controls, logging, incident response, and vulnerability management workflows.
Bachelor's degree or equivalent experience required; CISSP, CISM, CRISC, or similar certification preferred.

Benefits

Med/Dental/FSA/401(k)
Flexible Paid Time Off

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information securitysecurity operationsgovernancerisk managementcompliance frameworksincident responsevulnerability managementsecurity metricscontrol improvementthird-party security management

Soft Skills

leadershipcommunicationdecision-makingcollaborationreportingprioritizationproblem-solvingstakeholder managementstrategic alignmentrisk communication

Certifications

CISSPCISMCRISCBachelor's degree