Giro Sport Design · 2 months ago
Sr. Director, Information Security (Security Engineering)
Giro Sport Design is seeking a dynamic and action-oriented Sr. Director, Information Security (Security Engineering) to lead their information security function. This hands-on role requires a results-driven leader with deep expertise in cybersecurity who will manage security operations, compliance, and incident response across a global technology organization.
Computer · Hardware · Manufacturing · Sporting Goods · Sports
Responsibilities
Own and execute the information security strategy across the organization, ensuring alignment with business goals
Actively manage day-to-day security operations, including threat detection, response, and remediation, as well as overseeing the performance and integrity of security tools and platforms
Lead incident response efforts, personally directing or delegating tasks to internal teams (security specialists, server, and network management teams) to ensure swift and effective remediation of threats
Ensure that the organization meets all security governance, risk management, and compliance requirements (e.g., GDPR, CCPA, PCI-DSS, SOX), taking direct ownership of audits and compliance initiatives
Comfortable stepping into the middle of security issues and leading the organization (technical & non-technical) to effective solutions
Have a servant-leadership attitude in the area of security awareness. Seek moments when the organization can learn and improve our security stance
Be an active 'doer' who works closely with technical teams, ensuring successful implementation of security measures across infrastructure, network, and application layers. This involves pulling technical resources from different IT functions into dynamic work groups to find solutions to problems
Take ownership of security solutions by working with owners of tools (SIEMs, firewalls, endpoint protection, etc.), ensuring they are properly configured, monitored, and reported
Lead vulnerability management, penetration testing, and patch management processes, driving teams to timely and efficient results
Work in a matrixed environment, coordinating security efforts across multiple teams (server, network, applications) where direct management isn’t always possible. Collaborate and lead through influence and directive leadership
Act as a hands-on leader for internal and external security teams during critical security incidents, ensuring timely responses, escalation, and communication to executive teams when needed
Provide actionable guidance and security expertise to other technology teams, helping them understand and implement security best practices in their daily operations
Provide a practical view of security issues and resolution. In a world where issues can be 'anywhere', you need to focus us on those areas most important to our secure operation
Oversee audit and compliance activities, ensuring that security policies and controls are adhered to and can withstand external audits and internal reviews
Develop and deliver timely reports on the security posture to the executive team, CIO, and stakeholders, ensuring transparency and actionable insights without overburdening the organization with bureaucratic oversight
Communicate with executive leadership and stakeholders (including the board) on security incidents, status updates, and strategic improvements, while maintaining a strong focus on execution over long-winded discussions
Strong written and verbal communication skills. Capable of talking with technicians in one moment and easily transitioning to updating business executives
Balance high-level board interaction with operational rigor, ensuring alignment between security initiatives and business priorities while maintaining a bias for hands-on execution
Stay informed of the latest cybersecurity threats, vulnerabilities, and technologies, ensuring that the organization stays ahead of evolving risks
Continuously improve security policies, procedures, and tools to strengthen the organization's overall security posture
Qualifications
Required
Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field (Master's preferred)
10+ years of progressive experience in information security leadership roles
Demonstrated ability to lead hands-on operational security work, incident response, and remediation
Proven track record in leading security teams and collaborating across matrixed organizations
Strong knowledge of consumer packaged goods industries and security challenges in wholesale, retail, and eCommerce channels
Deep knowledge of cybersecurity frameworks (NIST, ISO 27001) and security technologies (SIEMs, firewalls, EDR, cloud security)
Experience with incident response, threat hunting, and vulnerability management in fast-paced environments
Strong understanding of security in cloud environments (AWS, Azure, Google Cloud) and enterprise networks
Strong leadership presence with a bias for action and the ability to operate in high-stress situations
Excellent communication skills, with the ability to translate technical concepts into actionable business insights
Ability to balance executive communication with hands-on leadership and execution of security initiatives
Benefits
Medical and dental
Vision
Disability and life insurance
401K
PTO
Paid holidays
Gear discounts
Company
Giro Sport Design
Giro was founded more than 30 years ago by Jim Gentes, a man with an obsession for design and answering unmet needs.
Funding
Current Stage
Growth Stage
Company data provided by Crunchbase