Director, Cybersecurity
Habitat
Habitat for Humanity International (HFHI) is currently seeking a talented and experienced Director, Cybersecurity to lead our efforts in identifying, assessing, and mitigating cyber threats. The ideal candidate will possess deep expertise in cyber incident response, threat intelligence, vulnerability management, and penetration testing. This role requires a strong background in offensive security tactics, techniques, and procedures, along with experience in working with cross-functional teams.
Essential Duties and Responsibilities:
• Lead Offensive Security capabilities: Oversee red team engagements that simulate real-world adversary tactics to assess and improve the organization’s defenses.
• Cyber Incident Response: Manage and coordinate incident response efforts, ensuring timely detection, containment, and resolution of security breaches.
• Threat and Vulnerability Management: Direct the identification, assessment, and prioritization of vulnerabilities across systems and networks, developing strategies for mitigation.
• Penetration Testing: Conduct and supervise penetration tests to evaluate the security of applications, networks, and systems, identifying areas for improvement.
• Cross-Functional Collaboration: Work closely with other departments (e.g., IT, compliance, development) to align security practices with broader business goals and regulatory requirements.
• Develop Security Strategies: Create and implement red team strategies to continuously challenge and enhance the organization’s defensive capabilities.
• Mentorship and Leadership: Build, manage, and mentor a high-performing red team, fostering growth and ensuring adherence to industry best practices.
Minimum Qualifications:
• Education: Bachelor’s Degree or equivalent experience
• 10+ years of experience in cybersecurity, with at least 5 years in security roles such as incident response, red teaming, penetration testing, or ethical hacking.
Knowledge, Skills & Abilities:
• Technical Expertise: Deep understanding of adversary tactics, techniques, and procedures (TTPs), with proficiency in tools like Metasploit, Cobalt Strike, Burp Suite, and other offensive security tools.
• Incident Response: Expertise in managing large-scale incident response efforts.
• Penetration Testing: Strong background in conducting and overseeing penetration tests for complex, large-scale environments (web apps, networks, cloud).
• Threat Intelligence: Knowledge of current threat landscapes, attack vectors, and experience utilizing threat intelligence to inform red team exercises and vulnerability management.
• Communication Skills: Excellent written and verbal communication skills, with the ability to present complex security issues to technical and non-technical stakeholders.
Preferred Requirements (in addition to minimum):
• Certifications: Relevant certifications such as OSCP, OSCE, CISSP, CEH, or GIAC certifications like GPEN, GWAPT, or GCIH.
• Active support of HFHI Values:
o Humility – We are part of something bigger than ourselves
o Courage – We do what’s right, even when it is difficult or unpopular
o Accountability – We take personal responsibility for Habitat’s mission
• Safeguarding: HFHI requires that all employees take seriously their ethical responsibilities to safeguarding our intended beneficiaries, their communities, and all those with whom we work. Managers at all levels have responsibilities to support and develop systems that create and maintain an environment that prevents harassment, sexual exploitation and abuse, safeguards the rights of beneficiaries and community members (especially children), and promotes the implementation of Habitat for Humanity’s code of conduct.
The actual salary offered for this role will be based on a variety of factors, including location, internal equity and the candidate’s qualifications and professional experience. HFHI offers a competitive, comprehensive benefits package that varies by country and typically includes vacation leave, sick leave, personal days, health insurance options, retirement plan contributions and life insurance. For work locations in the US, the hiring range for this position is $140,080 to $164,800.
Essential Duties and Responsibilities:
• Lead Offensive Security capabilities: Oversee red team engagements that simulate real-world adversary tactics to assess and improve the organization’s defenses.
• Cyber Incident Response: Manage and coordinate incident response efforts, ensuring timely detection, containment, and resolution of security breaches.
• Threat and Vulnerability Management: Direct the identification, assessment, and prioritization of vulnerabilities across systems and networks, developing strategies for mitigation.
• Penetration Testing: Conduct and supervise penetration tests to evaluate the security of applications, networks, and systems, identifying areas for improvement.
• Cross-Functional Collaboration: Work closely with other departments (e.g., IT, compliance, development) to align security practices with broader business goals and regulatory requirements.
• Develop Security Strategies: Create and implement red team strategies to continuously challenge and enhance the organization’s defensive capabilities.
• Mentorship and Leadership: Build, manage, and mentor a high-performing red team, fostering growth and ensuring adherence to industry best practices.
Minimum Qualifications:
• Education: Bachelor’s Degree or equivalent experience
• 10+ years of experience in cybersecurity, with at least 5 years in security roles such as incident response, red teaming, penetration testing, or ethical hacking.
Knowledge, Skills & Abilities:
• Technical Expertise: Deep understanding of adversary tactics, techniques, and procedures (TTPs), with proficiency in tools like Metasploit, Cobalt Strike, Burp Suite, and other offensive security tools.
• Incident Response: Expertise in managing large-scale incident response efforts.
• Penetration Testing: Strong background in conducting and overseeing penetration tests for complex, large-scale environments (web apps, networks, cloud).
• Threat Intelligence: Knowledge of current threat landscapes, attack vectors, and experience utilizing threat intelligence to inform red team exercises and vulnerability management.
• Communication Skills: Excellent written and verbal communication skills, with the ability to present complex security issues to technical and non-technical stakeholders.
Preferred Requirements (in addition to minimum):
• Certifications: Relevant certifications such as OSCP, OSCE, CISSP, CEH, or GIAC certifications like GPEN, GWAPT, or GCIH.
• Active support of HFHI Values:
o Humility – We are part of something bigger than ourselves
o Courage – We do what’s right, even when it is difficult or unpopular
o Accountability – We take personal responsibility for Habitat’s mission
• Safeguarding: HFHI requires that all employees take seriously their ethical responsibilities to safeguarding our intended beneficiaries, their communities, and all those with whom we work. Managers at all levels have responsibilities to support and develop systems that create and maintain an environment that prevents harassment, sexual exploitation and abuse, safeguards the rights of beneficiaries and community members (especially children), and promotes the implementation of Habitat for Humanity’s code of conduct.
The actual salary offered for this role will be based on a variety of factors, including location, internal equity and the candidate’s qualifications and professional experience. HFHI offers a competitive, comprehensive benefits package that varies by country and typically includes vacation leave, sick leave, personal days, health insurance options, retirement plan contributions and life insurance. For work locations in the US, the hiring range for this position is $140,080 to $164,800.
Confirm your E-mail: Send Email
All Jobs from Habitat