Senior Director, ISO
Listed on 2026-07-02
-
IT/Tech
Cybersecurity
Senior Director, ISO
Department: Information Technology
Employment Type: Full Time
Location: Atlanta, GA;
Dallas, TX
Infor has an exciting opportunity for a Senior Director ISO who will be responsible for securing all products and platforms used by 65,000 customers worldwide, operating at enterprise scale across cloud, AI, and modern development ecosystems.
This role will be responsible for driving the strategy, architecture, and implementation of security controls across the software development lifecycle (SDLC) to protect enterprise applications, cloud infrastructure, and data. The role will lead the transformation of application security across Dev Sec Ops , threat modelling, and vulnerability management, while partnering with development and operations leadership to align on strategy and priorities.
ATypical Day in the Life Includes:
- Drive a team of talented security analysts, setting the standard for excellence in application security across a global software portfolio.
- Be the go-to SME for development, product, and business teams — embedding security into every stage of the SDLC, from design through deployment.
- Partner with engineering and data science teams to embed security into AI/ML pipelines, generative AI features, and agentic systems. Address emerging risks including prompt injection, model supply chain integrity, training data protection, output handling, and the OWASP Top 10 for LLM Applications.
- Champion secure design and testing practices aligned with OWASP Top 10, API Security Top 10, OWASP ASVS, and OWASP LLM Top 10 standards.
- Advance modern application security initiatives—shift‑left automation, software supply chain security (SBOMs, SLSA, dependency integrity), secrets management, IaC scanning, container and Kubernetes security, and ASPM/CSPM integration.
- Align secure coding principles with development priorities, create actionable roadmaps, and report on risk posture to executive stakeholders.
- Evolve frameworks and policies to meet emerging threats, regulatory shifts, and compliance requirements (SOC 2, ISO 27001, FedRAMP, GDPR, EU AI Act, NIST AI RMF).
- Review DAST, SAST, IAST, SCA, and secrets-detection findings; triage and drive remediation of vulnerabilities before release.
- Guide CI/CD security integration, threat modelling at scale, and developer enablement programs that make secure development the default path.
- Act as a thought leader across the enterprise, mitigating risk and partnering with engineering leadership on architecture and platform decisions.
- Experience leading application security programs at scale, ideally within a large software or SaaS organization.
- Experience with Azure and AWS cloud‑native security services and architectures.
- Experience with AI/ML security — securing generative AI features, LLM‑integrated applications, model APIs, and AI development pipelines. Balance tactical fixes with strategic vision.
- Communication skills to translate complex technical issues into clear business insights for technical and executive audiences.
- Experience in Secure SDLC frameworks and modern security toolsets (SAST, DAST, IAST, SCA, ASPM, secrets scanning, IaC security).
- Experience with software supply chain security practices and standards (SLSA, SBOM, signed artifacts).
- Certifications such as CISSP, CISM, CCSK, CCSP, OSCP, GWAPT, or AI/ML security credentials are a plus.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).