OVERVIEW The Company Common Securitization Solutions (CSS) is seeking an experienced Senior Director of Cybersecurity Assurance Services to join our team of talented professionals. This is a full-time remote opportunity. CSS built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac. Supporting 70% of the mortgage-backed securities in the market, CSS provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management. Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists. RESPONSIBILITIES Job Information The Sr Director Cybersecurity Assurance Services will lead the overall design of IT security architecture and ensure that the organization is compliant to cyber security policies both internally and externally. This position will contribute to the overall security vision and strategy. This position will lead day-to-day management and execution of the security governance, risk management, and compliance functions across all divisions. This position will interface with other IT professionals as well as leaders of the business to assess and manage cyber risk, share the security vision, and solicit involvement in achieving higher levels of enterprise security through information sharing and collaboration. This is a sucessor type role for all across InfoSec’s functional areas. Key Job Functions Partner with leaders across the business to identify opportunities and risks and develop solutions that support CSS, a SaaS company serving as the critical backbone of the US mortgage finance industry. Refine, design, and implement company wide cyber security polices and controls in partnership with legal/compliance, 2nd and 3rd lines of defense. Manage external assessment activities and synthesize information into senior level presentations. Serves as a subject matter expert to internal business, technology, and security teams. Proactively advises on a range of cyber risk management activities and information security industry best practices. Acts as an ambassador and senior technical advisor for enterprise security while engaging with other senior technical leaders throughout the organization. Develop and refine standards in partnership with Engineering, Infrastructure, Application Development, Data. Engage in ongoing communication with peers in the Infrastructure and Application Support groups as well as the business group to ensure understanding of security goals, to solicit feedback and foster cooperation. Oversee deployment, integration, and initial configuration of all new information security solutions and enhancements to existing information security solutions in accordance with Information security policies, standards, and operational procedures. Lead initiatives designed to share knowledge across security, technology, and business teams. Identifies, recommends, coordinates, and delivers timely knowledge to support teams regarding technologies, processes, or tools. Create and maintain a set of metrics to document and measure the performance and effectiveness of the Information Security program; responsible for communicating metrics to IT Leadership Team. QUALIFICATIONS Education Bachelor’s degree or higher in related discipline. Minimum Experience Minimum of 12 years of experience building and leading global cybersecurity programs and a minimum of 5+ years leading Security Operations and Incident Response Teams. Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position. Specialized Knowledge & Skills Active in the information security industry; equipped with external networking relationships to maintain relevant knowledge of leading practices, tactics, strategies, and technologies Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals. Experience working with Risk, Security or Audit frameworks (i.e., COBIT, COSO, ISO 27001/2, NIST 800-53, AICPA, BITS). Serve as subject matter expert for InfoSec and IT Security related topics with experience in technical control testing aligned to NIST 800-53, FISMA, and SOC. Strong understanding of technology processes, risks and issues including infrastructure, information security, SDLC and Service Management (knowledge within cloud computing is preferred). Possesses strong analytical skills capable of identifying, evaluating and mitigating significant risks within an enterprise. Industry Certification required, e.g. CISSP, CISA, CISM or equivalent designation. Demonstrated experience using and managing Risk Management tools is desired. Strong working experience with Microsoft Office Suite and GRC tools. Secondary mortgage market or equivalent financial services experience is an advantage. Ability to document and explain risks and vulnerabilities to both business and technical stakeholders. Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives. Strong oral and written communication skills and ability to work well with others and in a collaborative, complex and fast paced environment. Pay Range $168,924 to $290,373 CSS’s pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate’s qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. CSS offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits. Employment As a condition of employment with Common Securitization Solutions, any successful job applicant will be required to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business. Common Securitization Solutions is an Equal Opportunity Employer.