Jobless Developer

Senior Director, IT Security

Greenville, South CarolinaHybridFull-time

AI Summary

Why GLS?Purpose: Access to affordable, reliable transportation is essential to leading productive work and personal lives, caring well for oneself, one’s family, and the needs of others.

About this role

Why GLS?

Purpose: Access to affordable, reliable transportation is essential to leading productive work and personal lives, caring well for oneself, one’s family, and the needs of others. Through advanced analytics and technology, we can more accurately predict credit risk and provide more people with an affordable auto financing option for their next vehicle. That’s what GLS has done for over 10 years, helping more than half a million families meet and improve their transportation needs.

People: Join a culture of over 1,000 employees who Care Deeply and Think Boldly, driving innovation in an adaptive and positive culture that celebrates successes. We empower and reward individuals and teams who make direct, positive impacts to the business and each other, who take pride in their work and are ever-raising the bar.

Growth: Recognized by Inc 5000 as one of the fastest-growing private companies in America. Join GLS to grow with us!

Benefits: GLS offers the below great benefits for your amazing work!
oCompetitive base pay and performance bonuses, dependent on role
oMedical, dental, vision, telemedicine, supplemental insurance benefits, long-term and short-term disability
o401K with employer match and 100% immediate vesting
oPaid Time Off (PTO) and paid company holidays to help you balance work and personal life
oPaid Volunteer Time Off (VTO) Annually
oTuition Reimbursement
oParental Leave
oBusiness casual work environment

What does it mean to be a Senior Director, IT Security at GLS?

The Senior Director, IT Security is responsible for the strategic leadership, governance, risk management, compliance, and operational execution of the enterprise information security program. This position provides oversight of cybersecurity operations, security architecture, technology risk management, regulatory compliance, third-party risk management, incident response, business continuity, disaster recovery, and emerging technology governance, including artificial intelligence initiatives. The role serves as a trusted advisor to executive leadership, regulators, auditors, and business stakeholders to ensure the confidentiality, integrity, and availability of company information assets while enabling business growth, innovation, and regulatory compliance.

How will you drive value within the organization as a Senior Director, IT Security?

  • Develop and maintain the enterprise cybersecurity strategy, operating model, control framework, and multi-year security roadmap aligned to business objectives.
  • Establish and maintain enterprise security governance processes, standards, policies, risk assessments, control evaluations, and remediation programs.
  • Provide cybersecurity governance reporting, risk metrics, annual program updates, and material cyber-risk reporting to executive leadership, board committees, regulators, auditors, and external stakeholders.
  • Lead enterprise cybersecurity incident response, crisis management, investigations, post-incident remediation, and coordination of third-party security events.
  • Oversee vulnerability management, threat detection, threat intelligence, security monitoring, and security operations capabilities.
  • Direct implementation and management of security technologies including SIEM, EDR, DLP, IAM, PAM, cloud security, and related cybersecurity platforms.
  • Serve as the primary security liaison for regulatory examinations, external audits, compliance assessments, and cybersecurity reviews, including evidence collection, artifact management, response coordination, and remediation tracking.
  • Maintain compliance with applicable regulatory and industry frameworks including GLBA, NYDFS, FTC Safeguards Rule, PCI DSS, NIST CSF, CIS Controls, and other applicable requirements.
  • Oversee third-party cybersecurity risk management, vendor security assessments, critical service-provider monitoring, and regulatory vendor-risk reporting.Establish governance, security, approval, monitoring, and risk management requirements for artificial intelligence, automation platforms, integrations, and emerging technologies.
  • Partner with infrastructure, cloud, data, and application development teams to integrate security-by-design principles into architecture, DevSecOps, Infrastructure as Code, and technology modernization initiatives.
  • Oversee cybersecurity awareness, policy communication, role-based security training, business continuity, disaster recovery, cyber resilience planning, testing, and reporting.
  • Develop departmental objectives, performance metrics, staffing strategies, succession plans, and talent development programs for security personnel.
  • Lead special projects and perform additional responsibilities as required to support the organization’s strategic objectives.

What should you already know to be successful as a Senior Director, IT Security?

  • Bachelor’s degree in Information Security, Cybersecurity, Information Technology, Computer Science, Risk Management, Business Administration, or related field required; Master’s degree preferred.
  • Minimum ten (8) years of progressive experience in cybersecurity, technology risk, audit, compliance, or information security leadership roles.
  • Minimum five (5) years of leadership experience managing security teams, security programs, or enterprise risk functions.
  • Demonstrated experience leading enterprise cybersecurity programs within a regulated industry environment.
  • Strong working knowledge of cybersecurity frameworks including NIST CSF, CIS Controls, ISO 27001, and related industry standards.
  • Experience supporting regulatory examinations, external audits, compliance reviews, and risk assessments.
  • Experience managing third-party risk management, vendor assessments, and supply chain security programs.
  • Knowledge of cloud security architectures, identity and access management, security operations, incident response, and vulnerability management practices.
  • Experience supporting secure software development, DevSecOps practices, Infrastructure as Code, and modern application security principles.
  • Understanding of artificial intelligence governance, technology risk management, and emerging technology security considerations.
  • Professional certifications such as CISSP, CISM, CRISC, CISA, or equivalent certifications preferred.
  • Exceptional analytical, problem-solving, communication, and executive presentation skills.
  • Demonstrated ability to influence business leaders, build cross-functional partnerships, and drive organizational change.
  • Proven ability to think strategically, execute tactically, manage competing priorities, and lead high-performing teams in a fast-paced environment.

Explore related jobs

Browse these categories