• Drive the healthy growth of the engineering organization • Help with hiring high-caliber Engineers to support team growth • Mentor and collaborate with team members to work toward career goals • Cultivate and contribute to Anchorage's culture, coach and mentor team members • Refine security roadmap, drive operational excellence in vulnerability management and incident response • Create technology strategy for security automation • Facilitate judgment and critical thinking in decision making across the organization

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Cybersecurity Operations Director is a senior-level role responsible for overseeing the organization’s overall cybersecurity posture. This role supervises various aspects of IT security, including design, development, implementation, incident response, budgets, and compliance with applicable regulations. The director contributes to the overall cybersecurity strategy by identifying growth opportunities based on the latest threats, managing security personnel, and reporting on the company’s cybersecurity status. - Security Strategy: Develop and execute security strategies to enhance the efficiency of IT systems and projects. - Engineering & Design: Oversee the design and implementation of security solutions, including firewalls, intrusion detection systems, and data encryption. - Technology Evaluation: Evaluate and recommend new cybersecurity technologies and solutions. - Implementation: Collaborate closely with IT and business teams to solution and implement cybersecurity technologies. - Incident Response: Direct crisis management by investigating the cause of breaches and implementing appropriate solutions. - Resource Allocation: Ensure that staff are delivering secure solutions by properly allocating resources. - Team Management: Manage cybersecurity teams within the organization. - Vulnerability Audits: Oversee vulnerability audits, penetration tests, and forensic IT investigations, ensuring findings are understood and applied. - Compliance: Ensure adherence to relevant regulations and standards. - Reporting: Provide regular reports on the company’s cybersecurity posture to senior management. Qualifications - Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role. - Relevant certifications such as CISSP, CISM, or CISA are highly desirable. - Strong technical expertise, managerial skills, and alignment with business priorities. - Excellent communication and leadership abilities. Requirements - This role may also involve overseeing specific programs such as the Security Operations Center (SOC), Security Orchestration and Automation of Response (SOAR), and Threat Intelligence. Benefits - Comprehensive benefits including eligibility to participate in discretionary bonus program. - Medical, dental, vision, and life insurance. - Short-and long-term disability. - 401(k) and employee stock purchase plan. - Health savings account, dependent care, and healthcare spending accounts. - Paid time off, including 12 holidays and flexible time off. - A minimum of 48 hours of paid sick leave. - 16 weeks of paid parental leave.

• The GoodLeap security team is responsible for both business enablement and safeguarding the organization’s information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap’s customers, partners, and employees information. • The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap systems, services, and operational processes. • In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap to design, build, implement, and operate security and fraud monitoring, detection, and response capabilities.

• Operate and continuously improve security controls across hybrid and on-prem platforms (compute, virtualization, OS, network services) • Administer and tune security tooling including SIEM , EDR , and CSPM ; drive alert quality improvements and reduce noise • Implement and enforce secure configuration baselines (CIS or equivalent), hardening standards, and patching/upgrade coordination • Manage security logging strategy: log onboarding, parsing, normalization, correlation rules, dashboards, and alerting use-cases • Perform vulnerability scanning, exposure management, and remediation tracking with clear SLAs and risk-based prioritization • Support incident response activities (triage, containment support, evidence collection, escalation) and post-incident improvements • Strengthen identity and access controls for platform administration (least privilege, privileged access patterns, access reviews) • Maintain security runbooks, SOPs, and operational documentation; contribute to audit evidence preparation for ISO 27001/SOC 2, etc. • Collaborate with infrastructure and operations teams to embed security into day-to-day BAU, including change management and release windows