Director, Information Security
Frontline Road Safety Group
Date: 2 days ago
City: Denver, CO
Salary: $180,000 - $210,000 per year
Contract type: Full time
Frontline Road Safety Group is the undisputed North American pavement marking leader. Our company, owned by Bain Capital, proudly provides its customers with unparalleled customer service and the use of innovative technology to ensure timely and value-added results.
In our time of growth, we are currently looking to add a Director of Information Security to our Denver HQ team. This is an on-site position in our downtown Denver headquarters. We are not considering relocation for out-of-state candidates or candidates who are not in metro Denver.
Pay Range Commensurate With Experience: $180-210K
Collaborates With: MSP/MDR, IT Operations, HR, Legal, Compliance, Business Units
Role Overview
Reporting to the Chief Information Officer, the Director of Information Security serves as the organization’s key cybersecurity authority, responsible for establishing, managing, and continually enhancing a robust, enterprise-wide information security and data privacy program. This role provides strategic direction, ensures regulatory compliance, leads incident response efforts, and fosters a strong security culture across the enterprise. The role also governs relationships with third-party vendors and managed security partners and drives business-aligned risk management and resiliency efforts.
Key Responsibilities
Strategic Leadership & Governance
- Develop, implement, and maintain the organization's information security and data privacy strategy, policies, and governance framework, aligning with frameworks such as NIST CSF 2.0 and CIS Controls.
- Serve as a trusted advisor to leadership on cyber risk, compliance obligations (e.g., PCI, CJIS), and emerging threats.
- Establish and manage key performance indicators (KPIs) and dashboards to measure program effectiveness and foster continuous improvement.
- Develop and communicate a strategic vision for the security program that balances business enablement with risk mitigation.
- Lead incident response efforts, exercises, and investigations in collaboration with the MSP/MDR Security Operations Center (SOC).
- Coordinate real-time monitoring, triage, and response to security alerts and vulnerabilities.
- Monitor and oversee the organization’s Disaster Recovery (DR) and Business Continuity Plans (BCP), ensuring readiness through regular testing.
- Lead enforcement and tuning of core security platforms, including EDR (e.g., SentinelOne), SIEM (e.g., Rapid7 MTC), and the secure email gateway (e.g., Checkpoint Harmony).
- Implement a third-party vendor risk management program, including onboarding security reviews and continuous monitoring.
- Conduct and oversee regular security and risk assessments of infrastructure, applications, and new technologies.
- Monitor and ensure compliance with data privacy and cybersecurity regulations, participating in audits, litigation holds, and access reviews.
- Implement controls and tracking mechanisms for compliance with frameworks like NIST and ISO, privacy laws such as PRA/CCPA (California) and CPA (Colorado), to name a few, and sector-specific mandates.
- Evaluate and implement advanced security solutions (e.g., DLP, SASE, CASB, PAM, CSPM, LAPS) to enhance the organization's risk posture.
- Collaborate with other IT teams to secure infrastructure, cloud services, and applications through defense-in-depth strategies.
- Define and enforce technical security standards, including secure configuration baselines and secure coding guidelines.
- Own oversight for external access controls, firewall policy governance, DNS protection, DMARC/SPF, and log management.
- Lead and enhance the Security Awareness Training (SAT) program (e.g., KnowBe4), including phishing simulations and compliance reporting.
- Advocate for a security-first culture across IT and business teams through ongoing engagement, communication, and training.
- Drive remediation campaigns based on audit findings or security control gaps identified.
Function: Tools / Partners
- SIEM/SOC: Rapid7 MTC (IDR, IVM) - MDR Provider
- Endpoint Detection: SentinelOne (S1)
- Email Security: Checkpoint Harmony SEG
- SAT/Phishing: KnowBe4
- Log Management: MSP - Log Source Management
- DNS, SPF, DMARC: MSP - Configuration Management
Qualifications
- Education: Bachelor’s degree in Information Security, Computer Science, or related field (Master’s preferred).
- Experience: 8+ years in information security leadership roles, with expertise in managing enterprise-wide programs in federated, M&A, or regulated environments.
- Certifications: CISSP, CISM, or equivalent strongly preferred.
- Technical Proficiency: Deep knowledge of risk management, security technologies, and compliance frameworks (NIST, CIS, ISO).
- Business Acumen: Ability to balance cybersecurity strategy with business growth goals, using risk-based prioritization.
- Communication Skills: Strong ability to articulate security concepts to non-technical stakeholders and executive leadership.
- Leadership: Experience managing cross-functional teams and vendor relationships, including MDR governance and performance measurement.
- A measurable reduction in organizational cyber risk through improved controls and visibility.
- Security events are detected, contained, and remediated with minimal business disruption.
- A well-established, compliant, and auditable information security program.
- A workforce that demonstrates security awareness and embraces shared accountability.
- Security technologies are optimized and integrated across IT towers and business units.
SAFETY FIRST
- Work for an industry leader in pavement marking that puts the safety of their employees at the highest priority.
- Frontline Road Safety is already North America’s leader in pavement marking, but we are not slowing down. We are continuing to grow our footprint and expand our operation. It’s an exciting time to be with us!
- Pay range will be commensurate with knowledge/skills/abilities but should fall in the range of $180K-210K.
- Excellent medical, dental, vision, life insurance and 401(k) benefits including a company match