Director of Cybersecurity

Company: Fashion Institute of Design & Merchandising
Location: Omaha
Posted on: June 1, 2025

Job Description:

At HDR, our employee-owners are fully engaged in creating a welcoming environment where each of us is valued and respected, a place where everyone is empowered to bring their authentic selves and novel ideas to work every day. As we work to weave diversity, equity, and inclusion into our work and foster a sense of belonging throughout the company and within our communities, we constantly ask ourselves: What is our impact on the world?Each and every role throughout our organization makes a difference in our ability to change the world for the better. Read further to learn how you could help make great things possible not only in your community, but around the world.You are a strategic and hands-on security leader with deep expertise in building and scaling compliance and security programs which protect HDR and efficiently pass heavy audit scrutiny. You thrive in fast-paced environments, balancing risk mitigation with business enablement. You are passionate about embedding compliance and security into the company's culture, working cross-functionally to protect employee data, company assets, and project data integrity. You have experience aligning compliance and security initiatives with business goals, influencing stakeholders at all levels, and rolling up your sleeves to get things done. This role is responsible for developing and enhancing an information security management framework as well as the oversight of the day-to-day operations of the cybersecurity team.About the Role:

• Compliance and Security Strategy & Leadership: Define and implement a security architecture and operating model with associated roadmap that aligns with business objectives and risk tolerance.
• Risk Management & Compliance: Continuously monitor, identify, assess, and mitigate security risks while ensuring compliance with relevant frameworks (e.g., SOC 2, ISO 27001, CCPA).
• Security Engineering & Architecture: Partner with Data, Engineering and IT Ops to embed security best practices in product development, device management, data practices and flow, infrastructure, applied AI, and cloud security.
• Identity, Access, & Data Protection: Establish policies for IAM, data encryption, data pipelines and reporting, and secure software development.
• Incident Response & Threat Management: Develop and maintain an incident response plan, monitor for threats, and lead response efforts when needed.
• Compliance and Security Awareness & Training: Foster a security-conscious culture by providing training and guidance to employees.
• Third-Party & Vendor Compliance and Security: Evaluate security risks for vendors, partners, and third-party integrations.
• Cross-Functional Collaboration: Work closely with all departments, such as Engineering, Compliance, Legal, Operations, Finance and Leadership, to ensure security is a core part of business priorities, processes, and decisions.Preferred Qualifications
  • Minimum 10 years of experience in security and compliance, with at least 5 years in a leadership role.
  • Deep knowledge of compliance frameworks (SOC 2, ISO 27001, NIST, GDPR, CCPA) and risk management best practices.
  • Experience with cloud security and securing cloud infrastructure (including AWS, GCP, OCI, Azure, and SAAS).
  • Strong technical background in security across engineering, infrastructure, data, and identity management.
  • Proven ability to build and scale compliance and security programs in high-growth environments.
  • Proven experience in developing and implementing security architecture and operating models.
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
  • Excellent communication skills, with the ability to translate complex compliance and security concepts for business and technical audiences.
  • Experience partnering with Engineering and cross-functional teams to drive compliance and security initiatives.
  • Hands-on experience with compliance security tooling, monitoring, and automation.
  • A practical understanding of how AI can better enable personal and team productivity as well as compliance and security practices.
  • Experience in A/E/C industry.
  • Familiarity with Identity providers and compliance platforms.
  • Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA).
  • Passion for mentoring and developing security talent.
  • Knowledge of ethical hacking and penetration testing techniques.
  • Expertise in secure software development and DevSecOps practices.
  • Understanding of artificial intelligence and machine learning applications in security.
  • Strong sense of urgency and partnership to deliver successful business outcomes.Required Qualifications
    • An attitude and commitment to being an active participant of our employee-owned culture is a must.This role is ineligible for Visa Sponsorship.What We BelieveHDR is our company. Together, we build on each other's life experiences and perspectives to make great things possible every day. This shapes our collaborative culture, encourages organizational trust and connects us closer to the clients and communities we serve.Our CommitmentAs employee owners, we all have a role in creating an inclusive environment where each of us is welcomed, valued, respected and empowered to bring our authentic selves to work every day.Our eight Employee Network Groups (Asian Pacific, Black, Hispanic/Latino(a), LGBTQ+, People with Disabilities, Veterans, Women, Young Professionals) help create a sense of belonging and foster a supportive environment where everyone is empowered to engage and contribute. Each group has an executive sponsor and is open to all employees.Primary LocationIndustry: ITSchedule: Full-timeEmployee Status: RegularBusiness Class: Marketing and AdminJob Posting: Mar 10, 2025At HDR, we are committed to the principles of employment equity.We are an Affirmative Action and Equal Opportunity Employer.We consider all qualified applicants, regardless of criminal histories, arrest and conviction records.Ready to learn more? Let's work together to make great things possible.We design solutions to the world's greatest challenges. We're always looking for great talent to join our global teams.
      #J-18808-Ljbffr

Keywords: Fashion Institute of Design & Merchandising, Council Bluffs , Director of Cybersecurity, Executive , Omaha, Iowa