Senior Director, Information Security

Piper Companies is seeking an experienced Senior Director, Information Security (Security Officer) to lead and evolve the organization’s overall cybersecurity and risk management strategy within a fast-paced, growth-oriented environment. This role is instrumental in safeguarding enterprise systems, applications, and sensitive data while working cross-functionally with executive leadership, legal, and technology teams. The position will influence security posture, guide policy development, and serve as a trusted advisor on data protection and privacy matters.

This is a full-time opportunity with a preference for candidates located in Chapel Hill, NC or Newton, MA.

• Collaborating with infrastructure and engineering teams to design and implement a robust enterprise security and IT risk management program.
• Leading organization-wide risk assessments and partnering with business units to proactively address vulnerabilities and compliance gaps.
• Acting as a key advisor for clients, prospects, and internal teams on security and data privacy topics, including participation in audits, RFPs, and implementation discussions.
• Overseeing relationships with third-party providers responsible for security audits, certifications, and compliance assessments (e.g., SOC 2, HITRUST).
• Establishing and testing business continuity and disaster recovery capabilities to maintain system uptime and data protection.
• Driving initiatives related to ongoing security monitoring, vulnerability remediation, and threat detection.
• Promoting a culture of security awareness and ensuring employees adhere to policies, procedures, and training requirements.

• 8+ years of progressive experience across cybersecurity, risk management, compliance, and IT within a high-growth or dynamic organization.
• Strong familiarity with industry-standard frameworks such as SOC, NIST, ISO, and HIPAA/HITRUST.
• Demonstrated success building and scaling security programs, particularly in regulated industries such as healthcare or SaaS.
• Relevant industry certifications such as CISSP, CISM, or similar.
• Experience managing vendor relationships, including contract negotiation and oversight of managed services.
• Knowledge of internal audit practices, IT general controls (ITGC), and governance frameworks such as COSO or COBIT.
• Exposure to AI security principles and governance models (e.g., NIST AI RMF, OWASP Top 10 for LLMs, ISO/IEC 42001), including assessing emerging risks in modern SaaS or healthcare environments.

• Salary range: $190,000 - $230,000 + bonus
• Comprehensive benefits package including Medical, Dental, Vision, 401k, PTO, holidays, and sick leave as required by law.