Senior Director, Global Cyber Defense at Granicus LLC
Granicus provides technology and services that empowers government organizations to create seamless digital experiences for the people they serve. By offering the industry's leading cloud-based solutions for communications, content management, meeting and agenda management, and digital services to over 5,500 public sector organizations, Granicus helps turn government missions into quantifiable realities. Come see the impactful work we've done on communities across the country (and world!): https://granicus.com/success-stories/
Granicus is looking for a Global Head of Cyber Defense. Granicus is the largest cloud solutions provider for government and provides technology that empowers government organizations to create better lives for the people they serve. We operate globally, with business units and customers in US, Canada, UK, EU, Australia, New Zealand.
This position will be accountable for leading Granicus' cyber defense program globally, defending our business from external and internal threats. As the Head of Cyber Defense, you will lead our Security Operations Center, which includes cybersecurity monitoring and response, threat intelligence, and threat detection/security engineering capabilities required to enable the global cybersecurity mission. You will also lead and operationalize key programs that protect our business and data, such as Data Loss Protection and Insider Threat. As the leader of the Cyber Defense organization, you will be accountable for all elements of delivery, from defining vision and developing strategy and maturity roadmaps, through implementation, execution, and all ongoing operational activities. Reporting directly to the Chief Information Security Officer, you will be part of the Information Security senior leadership team, working closely with the CISO and your peers to continuously mature security strategy and investments to align with Granicus operating business model and threat environment, aiming to achieve maximum risk reduction while enabling Granicus strategy and growth objectives. You will also work closely with IT and Product Leadership to identify and implement technologies and processes required to enable and continuously mature program effectiveness across the enterprise.
The Global Head of Cyber Defense must be highly collaborative in nature, capable of operating in a fast paced and high growth environment, and able to drive security outcomes through influence as well as direct control. Additionally, the candidate must be able to think critically about corporate strategy and risk landscape, finding an appropriate balance and translating it into clear, specific security maturity objectives.
What You'll Do:
- Lead all global security detection and response activities with the goal of ensuring effective and consistent global posture; maintain and mature visibility requirements and standards (e.g., logging standards), continuously improve SOC response capabilities, and be accountable for all IR/investigations/forensics activities.
- Work with Information Security and IT teams to identify capabilities required to advance the global Cyber Defense mission, participate in or lead security technology selection and implementation/engineering efforts.
- Develop key metrics to measure effectiveness of Cyber Defense capabilities and establish and facilitate forums to provide visibility to performance (e.g., threat briefings, response/detection metrics).
- Mature and expand DLP program, including all operational activities and workflows, partnering with organizations as needed (e.g., HR) to effectively protect sensitive Granicus data.
- Establish and operationalize an Insider Threat program and controls commensurate with rapidly escalating threat environment and Granicus operating model (e.g., continuous M&A activity).
- Remain current on cybersecurity threat landscape and mature SOC capabilities in a commensurate fashion.
- Accountable for budgetary and strategic oversight for all elements Cyber Defense department, including technology licensing, associate compensation, contractor management and service provider contracts; lead budget planning for department during annual planning.
- Support customer facing teams as necessary on matters of Cyber Defense, including assisting with questionnaires, RFPs , or joining customer calls if appropriate.
- Support Granicus compliance and regulatory audits, representing Cyber Defense capabilities.
- Support Granicus' M&A strategy by working closely with acquired companies to integrate them into Incident Response technologies and processes.
Who You Are:
- 10+ years of multi-disciplinary Information Security and Information Technology experience.
- 5+ years of hands-on operational cybersecurity experience
- 5+ years of cybersecurity leadership experience
- Detailed understanding of offensive cybersecurity tactics, techniques, and procedures.
- Demonstrated experience in creating communication channels and operational processes with external stakeholders, including IT, Human Resources, Legal, Communications, and Employee Relations teams, to effectively manage incident response, insider threat, or DLP violation scenarios.
- Ability to work in a highly dynamic environment, within an extremely fast paced, high growth company.
- Broad knowledge across all relevant facets of a holistic, modern cybersecurity program, including strong understanding of current and emerging trends and threats.
- Strong understanding of common best practices, frameworks and regulations (NIST 800-53, ISO 27001, FedRAMP, MITRE ATT&CK, CIS, etc).
- Demonstrated track record of efficient, scaled delivery with small teams, directly taking on and providing deliverables with limited resources, including standing up capabilities ground-up.
- Experience with M&A, including contributing to due diligence and managing integration of acquired companies into Cyber Defense processes.
- Ability to articulate cyber risk to business leaders within the context of corporate strategy and threat environment.
- Strong technical aptitude, including demonstrated ability to understand deeply technical constructs outside of Cyber Defense scope, extrapolate relevant risk, and formulate tradeoffs; ability to quickly ramp up on technical topics to provide relevant input.
- Excellent executive presentation and communication skills.
- Ability to lead through influence, including at executive levels.
Granicus is subject to the Executive Order requiring employees of federal contractors to be fully vaccinated for COVID-19.