logo
title-image
Turrior - Let work find you
Recruiters get AI-ranked shortlists and automated outreach, filling roles up to 5× faster.
0%
Popularity
0d
Avg. Time to Hire
0h
Recruiter Res. Time
0%
HR Satisfaction
Careers at Suzy
All open opportunities, right here. Explore, apply, grow.
Apply now

Director, Information Security

$155,000 - $175,000/year
4 Nov 2025
United States
Verified by Turrior

Content + Source + Freshness • 18 Dec 2025 • 95% confidence

90 / 100

Offer value

Exceptional opportunity for experienced security professionals, with a strong compensation package and significant leadership roles in a rapidly growing company.

  • Compensation: $155,000 - $175,000 annually
  • Senior leadership in security management
  • Potential for extensive influence in a growing company
  • High demands may lead to challenging work-life balance
Pros
  • High salary range ($155,000 - $175,000) indicative of market demand
  • Ownership of security strategy in a leading consumer insights platform
  • Dynamic work culture with a focus on innovation and impact
Cons
  • High-pressure environment could lead to stress
  • Overseeing multiple security domains may require extensive hours
  • Expectations for quick scaling may lead to rapid change
  • Leading a growing team requires strong management skills.

Who it's for

Senior / Lead • Remote/On-site

Good fit
  • Experienced information security professionals
  • Leaders looking to grow security infrastructures
  • Candidates with strong backgrounds in compliance and risk management
Not recommended for
  • Persons without security management experience
  • Individuals preferring strictly non-technical roles
  • Those who are not interested in hands-on leadership

Motivation fit

Desire to foster a culture of security across an organizationInterest in scaling security frameworks within a tech environmentReadiness to take charge of compliance and security strategies

Key skills

Leadership in information securityKnowledge of compliance frameworksProject management in tech environmentsAdaptability to new security technologies
Score: 90/100 AI verified analysis

About the job

Suzy is an always-on consumer insights platform that connects organizations directly with their target audiences to make smarter, faster, and more consumer-centric decisions.

We’re looking for an information security leader who can roll up their sleeves and take ownership of Suzy’s Information Security Management System (ISMS). As Director, Information Security, you’ll define and execute the company’s security strategy, ensuring both proactive risk management and security compliance maturity as we continue to scale.

Position Summary:

The Director, Information Security will provide both strategic input and hands-on technical acumen across all areas of Suzy’s security program — including endpoint protection, identity and access management, data loss prevention, cloud security, and compliance implementation.

This role requires a hybrid mindset: someone who can architect and manage enterprise security infrastructure while also mentoring a growing team of engineers and analysts to operationalize best practices.

Key Responsibilities:

1. Security Leadership & Program Ownership

  • Define and lead Suzy’s security roadmap, spanning endpoint, identity, network, and cloud domains.

  • Serve as a trusted advisor to leadership on security risk and technology priorities.

  • Foster a company-wide culture of security through education, influence, and automation.

  • Partner with the GRC lead to ensure technical controls map effectively to compliance frameworks.

  • Own the security strategy for Suzy’s global workforce footprint, including offshore vendor engagements, ensuring consistent security posture across diverse geographies, device management practices, and access models.

2. Identity & Access Management (IAM)

  • Own identity governance and access control within Azure Entra ID.

  • Design and enforce RBAC, group-based access, and conditional access policies — ensuring no direct access assignments.
    Oversee access review cycles, privileged identity management (PIM), and lifecycle automation tied to HR systems.

  • Continuously refine authentication and authorization mechanisms to support zero-trust principles.

3. Endpoint & Device Security

  • Oversee MDM operations via macOS and Windows (e.g., Kandji, Intune) to ensure configuration compliance, patch management, and device hardening.

  • Manage and optimize EDR solutions (e.g., CrowdStrike, SentinelOne) for proactive threat detection, response, and telemetry integration.

  • Drive automation of device onboarding, policy enforcement, and endpoint health reporting.

  • Collaborate with IT to ensure all endpoints align with Suzy’s security baselines.

4. Data Loss Prevention (DLP) & Network Security

  • Lead deployment and tuning of Zscaler and Netskope to secure web traffic and prevent data exfiltration.

  • Create adaptive DLP policies balancing protection and business enablement.

  • Integrate DLP and SASE event data into centralized monitoring and alerting pipelines.

  • Partner with engineering and operations to optimize traffic routing and data protection across the environment.

5. Security Operations & Incident Response

  • Own Suzy’s SIEM infrastructure (Azure Sentinel or equivalent), including rule creation, correlation logic, and escalation workflows.

  • Oversee vulnerability assessments, penetration tests, and incident detection and response processes.

  • Lead and document incident response activities, including post-incident reviews and corrective action plans.

  • Manage security vendor relationships, ensuring effective integration and performance of managed services.

  • Work closely with Suzy’s product and engineering teams to conduct business continuity and disaster recovery testing and readiness.

6. Cloud & Application Security (CNAPP)

  • Oversee cloud workload protection and posture management through Orca Security, Wiz, or equivalent CNAPP platforms.

  • Monitor and remediate cloud misconfigurations, vulnerabilities, and IAM risks.

  • Collaborate with DevOps to integrate CNAPP insights into CI/CD pipelines for continuous risk reduction.

  • Guide secure architecture reviews for new cloud deployments and application integrations.

Qualifications:

Required

  • 5+ years of experience in information security, with ideally 2 years in a management or leadership capacity.

  • Proven experience leading or contributing to enterprise security programs across endpoint, identity, and cloud domains.

  • Deep understanding of ISO 27001, SOC 2, ISO 42001, and NIST frameworks.

  • Strong communication and leadership skills with the ability to translate technical risk to business impact.

  • Demonstrated ability to build and scale teams, prioritize initiatives, and drive measurable results.

Preferred

  • Certifications such as CISSP, CISM, SSCP, or Azure Security Engineer Associate (AZ-500).

  • Hands-on experience with:

    • MDM (Kandji, Intune)

    • EDR (CrowdStrike, SentinelOne)

    • DLP/SASE (Zscaler, Netskope)

    • SIEM (Azure Sentinel or equivalent)

    • Azure Entra ID (RBAC, Conditional Access, PIM)

    • CNAPP (Orca, Wiz)

  • Experience integrating tools with SIEM/SOAR platforms for end-to-end automation.

  • Familiarity with GitHub Advanced Security, secret scanning, and secure code practices.

  • Experience leading tabletop exercises and developing IR playbooks.

Benefits:

  • We take care of our employees and their families. We have generous health dental and vision benefits, and our 401K plan vests immediately

  • A friendly, fun, and collaborative work environment that allows for frequent exposure to executives

  • The opportunity to make an immediate impact as a part of a fast-growing company

  • The target base compensation for this role is $155,000 - $175,000.

Suzy is an equal opportunity employer. We are a welcoming place for everyone, and we do our best to ensure all people feel supported and connected at work.

Suzy is committed to protecting its customers, employees, partners, and the company as a whole, from damaging acts that are intentional or unintentional. Effective security is a team effort involving the participation and support of every user who interacts with company information/data and systems. It is the responsibility of each individual to help protect company information assets.

#LI-Remote #LI-LH1

Click Here to view our Applicant Privacy Notice

Similar Jobs

5 months ago
Apply now
Director, Information Security
MWI Veterinary Supply
6 months ago
Apply now
Director, Information Security
Unacast
5 months ago
Apply now
Director, Information Security
Suzy
5 months ago
Apply now
Information Security, Director
Panorama Education

End-to-end AI hiring for modern HR teams

Turrior uses artificial intelligence to create job listings, automate candidate screening, conduct video interviews, and apply comprehensive AI scoring — helping companies hire faster, more accurately, and with lower operational costs.

Key benefits:

  • AI-powered job creation and structured job data
  • Intelligent candidate screening and automated shortlisting
  • Video interviews with AI-based answer analysis
  • Comprehensive AI scoring of skills, experience, and role fit
  • Recruitment process automation and reduced time-to-hire
Free trialSee how it works

Share job