Associate Director, Cybersecurity

Associate Director (Cybersecurity)

Location: Chicago, IL (Hybrid)

Reporting to: Senior Director

Position Responsibilities

The candidate should possess a strong security mindset and a proven record of driving security improvements in enterprise environments. In addition to managing staff, this role focuses on planning, designing, and executing security projects in a Microsoft-oriented environment.

• Threat Intelligence: Continuously monitor the global cybersecurity threat landscape and translate intelligence into actionable guidance and incident readiness.

• Control Environment: Own the continuous improvement of cybersecurity controls by identifying gaps and leading the implementation of new technical, procedural, and detective controls across infrastructure and cloud platforms.

• Threat Modeling: Establish and lead an enterprise threat modeling program that proactively identifies how adversaries could exploit applications, infrastructure, and third-party integrations.

• Incident Leadership: Serve as the cyber defense lead during major security incidents by activating the CSIRT and coordinating cross-functional response teams.

• Team Leadership: Manage and mentor Cybersecurity Team members while leading multiple simultaneous projects.

• Technical Support: Provide Level 3 problem management and troubleshooting, along with documentation for the Service Desk.

• Vendor Management: Engage with vendors on support issues and perform regular product and business reviews.

Candidate Requirements

• Experience: 15+ years of experience supporting information security and executing security-related projects in a medium-to-large organization.

• Management: Previous staff management experience is required.

• Technical Proficiency: Demonstrated experience with Microsoft Defender XDR, Zscaler, Entra ID, Active Directory, and Azure cloud security.

• Threat Modeling: 3+ years of specific threat modeling and assessment work on applications and IT infrastructure.

• Education/Certs: Bachelor’s degree required. CISSP, CISM, SSCP, or Microsoft SC-100/SC-900 certifications are a plus.

• Competencies: Strong business acumen to understand the impact of security on business outcomes and a commitment to a “Gold Standard” hybrid work culture.