Director, Cybersecurity

• Pay or shift range: $190,000 USD to $220,000 USD
  The estimated range is the budgeted amount for this position. Final offers are based on various factors, including skill set, experience, location, qualifications and other job-related reasons.

NRS is a leading provider of transportation & supply chain solutions. As a family-owned and operated company, NRS has delivered smart logistics solutions to numerous Fortune 500 companies spanning over 70 years. Whether it’s NRT, Keystone, Keystone Fresh, or Keystone Capacity, our innovative energy drives us towards new and valuable solutions for our clients, even as we continuously grow and strengthen our network.

We are dedicated to creating a culture that empowers the individual and offers our associates the opportunity to apply their unique skill to the challenges facing our clients. In the office, the warehouse, or on the road, it is this commitment to our innovative spirit that unites us in common mission to push boundaries in the logistics industry.

This role is responsible for embedding security into every phase of the software development lifecycle (SDLC), strengthening the organization’s security posture, and driving a culture of security-first thinking. The Director will partner with Service Desk, Infrastructure, Security, and Application teams to improve customer experience, reduce risk, and increase operational excellence. The Director must be an effective business partner, with the ability to drive change within the organization towards a culture of process maturity.

This role will implement best practices for monitoring, communications, troubleshooting issues, proactively communicating and improving data flow.

• Support and promote the company values, culture, and HR processes
• Define and execute the organization’s cybersecurity and Dev Sec Ops  strategy aligned with business objectives
• Lead, mentor, and grow a high-performing team of security engineers and Dev Sec Ops  professionals
• Collaborate with Operations, IT, and leadership to integrate security into all processes
• Establish and track KPIs, metrics, and reporting for security posture and risk management
• Recruit, reward, and recognize employees
• Provide the necessary training opportunities, tools, and resources to ensure team success
• Provide clear direction in weekly team checkpoints
• Establish a training & adoption plan for process changes across IT and business stakeholders.

• Embed security tools and practices into CI/CD pipelines
• Champion “shift-left” security practices, including automated code scanning and testing
• Oversee secure coding standards and developer training programs
• Implement infrastructure-as-code (IaC) security controls and compliance checks
• Establish policies, SOPs, RACI, process maps, SLAs/OLAs, and controls.
• Define and manage the KPIs and OKRs process; publish dashboards and monthly service reviews.
• Maintain evidence and controls for process compliance and platform access governance.

• Oversee threat detection, vulnerability management, and incident response programs
• Conduct regular risk assessments and manage remediation efforts
• Ensure compliance with relevant regulations and standards (e.g., SOC 2, ISO 27001, NIST)
• Manage third-party/vendor security risk assessments
• Implement automation and AI where applicable to improve consistency and productivity

• Design and enforce secure system architectures across cloud and on-prem environments
• Evaluate and implement security tools (e.g., SAST, DAST, container security, SIEM)
• Partner with cloud and platform teams to secure modern architectures (e.g., microservices, Kubernetes)
• Lead incident response planning, tabletop exercises, and post-incident reviews
• Develop and maintain security policies, standards, and procedures
• Report on security risks and initiatives to executive leadership

• Bachelor’s degree in Computer Science, Cybersecurity, or related field experience
• 8–12+ years of experience in cybersecurity, with at least 3–5 years in a leadership role
• Strong experience implementing Dev…