Senior Director of Cyber Security
Atlanta, GA, US
Cantaloupe Inc
Cantaloupe powers self-service commerce around the world with innovative technology and software solutions for businesses of all sizes.
Sr. Director of Cybersecurity
Cantaloupe, Inc. is a software and payments company that provides end-to-end technology solutions for self-service commerce. Cantaloupe is transforming the self-service commerce industry by offering one integrated solution for payments processing, logistics, and back-office management. The Company’s enterprise-wide platform is designed to increase consumer engagement and sales revenue through digital payments, digital advertising, and customer loyalty programs, while providing retailers with control and visibility over their operations and inventory. As a result, customers ranging from vending machine companies to operators of micro-markets, car charging stations, laundromats, metered parking terminals, kiosks, amusements and more, can run their businesses more proactively, predictably, and competitively.
Reporting to the Chief Information Security Officer (CISO), the Senior Director of Cybersecurity will play a critical role in safeguarding Cantaloupe’s (and its subsidiaries’) digital assets and maintaining resilience against cyber threats. The Sr. Director is expected to have technical expertise and play a key role in the areas of strategic leadership, risk management, and regulatory compliance. In this role, the Sr. Director is expected to roll up their sleeves, dive in, and make a difference to own, grow, and shape Cantaloupe’s cybersecurity posture during the next phase of the company's rapid growth.
Primary Responsibilities:
- Develop and implement cybersecurity strategies aligned with the organization’s goals.
- Serve as a technical expert in complex IT systems, privacy standards, and relevant technologies. Understand and implement security technologies.
- Provide guidance to senior management on cyber risk trends and resilience strategies.
- Monitor compliance with information security policies. Ensure adherence to state and federal regulations.
- Oversee risk assessments and response strategies to ensure a high level of security and resilience. Play a key role in annual, semi-annual, and quarterly risk assessments.
- Address privacy and digital security needs for the organization and local educational agencies.
- Manage and rationalize the overlap of various compliance and regulatory frameworks (SOX, PCI, SOC2, etc.) so as to minimize duplicative language and control activities across the frameworks.
- Work closely with the IT, Engineering, Data and Compliance teams to ensure IT General Control documentation and monitoring programs are consistent with Compliance programs.
- Recommend to CISO / CTLP Leadership any gaps in controls, control language, automation tools, etc. that will simplify and automate overall Security posture and reporting.
- Help in managing Cybersecurity budgets.
- Communicate project and budget status to senior leadership.
Required Qualifications/Skills:
- 10+ years of experience, of which at least 5+ years in the field of Information Security.
- At least one industry-recognized InfoSec certification such as CISSP, CISM, CRISC, CISA, PCI-ISA, or GSEC.
- Must have worked with at least one of the Risk Frameworks below:
  - NIST Cybersecurity Framework (CSF)
  - PCI-DSS (Payment Card Industry Data Security Standard)
  - SOC2 (Service Organization Control 2)
  - ISO 27001 & 27002
  - Center for Internet Security (CIS) Controls
- Significant skills as a technical generalist, sufficient to perform Security Assessments of Information Assets
- An organized, detailed, proactive, self-motivated, and collaborative work style.
- Excellent oral and written communication skills
- Proven ability to work cross-functionally and adapt to change is extremely important
- Ability to prioritize workloads and ensure deadlines are consistently met
- High integrity and ability to handle confidential information
Preferred Qualifications:
- Familiarity with the capabilities of modern cloud ecosystems (e.g. Azure, AWS) and the technologies that power them
- Knowledge of fraud detection and prevention techniques in payment systems
- Familiarity with mobile payments and other emerging payment technologies
- Familiarity with analytics and data visualization tools such as Tableau or Google Analytics
- Familiarity with new PCI DSS 4.0 compliance requirements and other relevant payment regulations
- Knowledge of IT compliance best-practices, both processes and tools
Why choose Cantaloupe:
We offer competitive benefits that are not limited to compensation, including:
- Medical, Dental, & Vision Benefits coverage, plus additional benefits (Life Assistance Program, Financial Wellness, and Nutritional Counseling)
- 401(K) with employer match effective upon the first day of employment
- 18 days PTO + (9) Observed Company Holidays
- Tuition Reimbursement
Tags: Analytics Automation AWS Azure CISA CISM CISO CISSP Cloud Compliance CRISC GSEC ISO 27001 Monitoring NIST PCI DSS Privacy Risk assessment Risk management Security assessment SOC 2 SOX
Perks/benefits: 401(k) matching Competitive pay Health care Startup environment Wellness