Director of Cybersecurity

It's a great feeling to work for a company that does so much good for others around the world! Education: • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related technical discipline required. • Master’s degree in Information Security, Data Management, or Business Administration strongly preferred. Experience: 10 years in cybersecurity or information protection, with at least 5 years in architecture, governance, or program-building leadership roles. Preferred Qualifications: • Relevant industry Certifications such as CISSP, CISM, CDPSE, or SABSA, or equivalents • Experience in regulated industries (e.g., healthcare, finance, non-profit, or government) • Expert understanding of NIST 800-53, ISO 27001, SOC, GDPR and other relevant frameworks. • Hands-on knowledge of network, application, information, endpoint, IoT security, operational and cloud security architecture (Azure, AWS, M365). • Strong understanding of data governance, records management, and information lifecycle controls • Experience working within multi-tenant or affiliate-based environments a plus • Exceptional written and verbal communication skills with the ability to translate complex security concepts into executive-level insights. Summary: The Director of Cybersecurity is a senior strategic role responsible for designing and maturing the enterprise information security and protection program across all affiliates of the FirstDay Foundation. This individual will partner directly with the Chief Data Officer/Chief Information Security Officer to architect a world-class security framework that blends technical excellence with operational practicality. This position is not about day-to-day defense operations; it’s about designing the architecture that makes defense and detection possible. The successful candidate will bring the vision, structure, and technical depth to create a cohesive, scalable, and compliant security ecosystem spanning identity, data, cloud, and application layers. This is a high-impact leadership role that requires technical depth, operational discipline, and the ability to foster collaboration across business units. The ideal candidate is both a tactical executor and a strategic thinker who can help translate vision into outcomes, while mentoring talent and strengthening team performance. Critical Action Items: • Architect the enterprise security framework aligned to NIST 800-53, NIST Privacy Framework, and emerging regulatory requirements. • Design and maintain the information protection roadmap, covering data lifecycle, privacy, encryption, and retention. • Establish cybersecurity architecture standards for cloud, application, and infrastructure security across all affiliates. • Lead enterprise risk assessments and translate findings into actionable technical and governance strategies. • Collaborate with platform owners (Workday, Salesforce, Acumatica, SharePoint, PointClickCare, etc.) to embed secure-by-design principles. • Oversee incident readiness and threat modeling at a programmatic level, not tickets • Develop governance artifacts such as policies, frameworks, and architectural blueprints that define the enterprise posture. • Serve as the principal security architect, advising executive leadership on emerging threats, technology investments, and roadmap alignment. • Mentor and influence cybersecurity, IT, and data professionals to elevate the organization’s overall maturity. Measurable Deliverables: • Establish a cyber maturity dashboard for executives; live metrics covering control health, risk posture, and incident trends within first 12 months. • Achieve a program maturity score of Level 3 (“Defined”) or higher using the NIST CSF scoring model within first 12 months • Ensure annual business impact analysis (BIA) and continuity testing for all critical systems. • Establish a vendor risk assessment process with documented reviews for all critical vendors • Publish and enforce a data retention and destruction schedule integrated with legal and compliance requirements within first 12 months. • Establish a policy review cadence ensuring all cybersecurity and data protection policies are reviewed and updated annually. • Create a governance charter for the Cybersecurity Steering Committee and achieve 100% affiliate representation within first 12 months. Other Requirements: 1. Work a flexible schedule including availability nights, holidays, and weekends. 2. Pass a pre-employment drug screen and random drug screens throughout employment. 3. Provide proof of work eligibility status upon request. 4. Pass pre-employment and biennial criminal background checks. 5. Demonstrated excellent leadership skills through command presence and reinforcement of agency mission, vision, and culture to drive a passionate, engaged, and accountable workforce. 6. Strong written and oral communication skills. 7. Demonstrate the ability to: a. Work collaboratively with other staff members, service providers and professionals. b. Organize and prioritize responsibilities and duties efficiently. c. Work in a fast-paced environment, minimal supervision be professional. 8. Perform other job duties to benefit the mission of the organization. English (United States) If you like to work with people that believe they can make a difference in the world, this is the company for you! EEO Statement In accordance with Title VII of the Civil Rights Act of 1964 and other applicable federal and state laws (e.g., the Age Discrimination in Employment Act (ADEA), and the Americans with Disabilities Act (ADA), it is our policy to provide equal employment opportunity and treat all employees equally regardless of race, religion, national origin, color, sex, or any other classification made unlawful or prohibited by federal, state and/or local laws, such as age, citizenship status, veteran or military status, or disability. This policy applies to all terms and conditions of employment, including hiring, promotion, demotion, compensation, training, working conditions, transfer, job assignments, benefits, layoff, and termination. Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time. #LI-Information Technology #LI-Director #LI-Full-time FirstDay Foundation is a charitable foundation created to provide philanthropic grants, management and governance services to nonprofit organizations doing good work in local communities and across the globe. Our goal is to elevate and enhance the work nonprofits are doing to serve children, families and communities in need. Making good, greater. EEO Statement In accordance with Title VII of the Civil Rights Act of 1964 and other applicable federal and state laws (e.g., the Age Discrimination in Employment Act (ADEA), and the Americans with Disabilities Act (ADA), it is our policy to provide equal employment opportunity and treat all employees equally regardless of race, religion, national origin, color, sex, or any other classification made unlawful or prohibited by federal, state and/or local laws, such as age, citizenship status, veteran or military status, or disability. This policy applies to all terms and conditions of employment, including hiring, promotion, demotion, compensation, training, working conditions, transfer, job assignments, benefits, layoff, and termination.