Director of Cybersecurity Assessments

AMTRAK

Location:
United States, Washington

Category:
IT - Administration

Contract Type:
Not provided

Salary:

179300.00 - 232416.00 USD / Year

Job Description:

The Director DT Cyber Defense Assessments oversees enterprise cybersecurity assessments for both Information Technology (IT) and Operational Technology (OT) networks and systems. This role is critical to safeguarding Amtrak’s operational and business systems, directly influencing national infrastructure resilience. The director will lead a unified strategy for identifying, prioritizing, and assessing critical business and safety systems across both IT and OT environments.

Job Responsibility:

  • Oversees enterprise penetration testing and cyber assessments against both IT and OT systems
  • Conducts risk assessments following NIST SP 800-30, tailored for both IT and OT contexts
  • Develops and implements remediation plans
  • Crafts policies that address security in both IT and OT
  • Directs a team that includes both IT and OT security specialists
  • Ensures adherence to regulatory standards, manages audits, and reports on key findings to executive leadership
  • Coordinates with IT and OT incident response teams to manage vulnerabilities
  • Assigns or serves as cybersecurity SME in support of Amtrak projects

Requirements:

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or an equivalent combination of training, education, and relevant experience
  • 10 plus years of experience in cybersecurity, with at least 4 years specifically in penetration testing across IT and OT
  • In-depth knowledge of cybersecurity frameworks such as NIST, ISO/IEC 27001, IEC 62443, and PCI DSS
  • Experience with penetration testing tools tailored for both IT and OT environments
  • Proficiency in operating systems including Windows and Linux
  • Strong understanding of IT and OT networking and associated protocols
  • Familiarity with industrial control systems (ICS) and their security implications

Nice to have:

  • Master’s degree in Cybersecurity, Information Assurance, or a related field
  • Certifications such as CISSP, GICSP, or CSSLP
  • Demonstrated experience in managing security for SCADA systems, PLCs, or other OT environments
  • Familiarity with scripting for automation (Python, PowerShell) in both IT and OT contexts
  • Proven leadership in cross-functional, multi-disciplinary teams

What we offer:

  • health, dental, and vision plans
  • health savings accounts
  • wellness programs
  • flexible spending accounts
  • 401K retirement plan with employer match
  • life insurance
  • short and long term disability insurance
  • paid time off
  • back-up care
  • adoption assistance
  • surrogacy assistance
  • reimbursement of education expenses
  • Public Service Loan Forgiveness eligibility
  • Railroad Retirement sickness and retirement benefits
  • rail pass privileges

Additional Information:

Job Posted:
December 18, 2025

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Director of Cybersecurity Assessments

Sr. Director, Cybersecurity Governance, Risk & Compliance

The Sr. Director of Cybersecurity Governance, Risk Management, and Compliance (G...
Location:
United States
Salary:
173500.00 - 419500.00 USD / Year
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree or higher in Information Technology, Cybersecurity, Computer Science, or a related field
  • Minimum of 10 years of experience in cybersecurity and/or IT Risk, with at least 5 years focus on GRC
  • Proven track record in a senior leadership role within a large organization
  • Experience in developing and implementing cybersecurity strategies
  • Strong knowledge of relevant regulations and standards, such as GDPR, NIST CSF, and ISO 27001
  • Exceptional leadership and management skills
  • Strong analytical and problem-solving abilities
  • Excellent communication and interpersonal skills
  • Ability to work collaboratively across departments and build consensus
  • Proficient in cybersecurity technologies and tools.
Job Responsibility:
  • Define and execute a comprehensive cybersecurity GRC strategy that aligns with business objectives and legal/regulatory requirements
  • Partner with cross-functional teams, including Legal, IT, Audit, and Business Units, to integrate security and compliance requirements into business processes
  • Recruit, mentor, and develop a high-performing team of GRC professionals
  • Develop and maintain the cybersecurity governance framework, ensuring it aligns with the organization's overall business objectives
  • Create policies, procedures, and guidelines that support the cybersecurity strategy
  • Ensure compliance with industry standards, regulations, and best practices
  • Identify, assess, and prioritize cybersecurity risks facing the organization
  • Develop risk mitigation strategies and allocate resources to address key risk areas
  • Collaborate with other departments to integrate risk management practices across the organization
  • Monitor and report on the effectiveness of risk management strategies
What we offer:
  • Comprehensive suite of benefits supporting physical, financial, and emotional wellbeing
  • Career development programs to help achieve career goals
  • Inclusive work environment valuing diverse backgrounds.
Employment Type:
Fulltime

Sr. Director, Cybersecurity

We specifically seek a hands-on, technical security leader. You bring experience...
Location:
Canada
Salary:
Not provided
Bugcrowd
Expiration Date:
Until further notice
Requirements:
  • Proven work experience leading Cyber Security (penetration testing, red teaming, GRC, IR, secure development, and security architecture) in a startup and growing with the organization
  • Excellent knowledge of technical security controls, including cloud, web application, infrastructure, IT, and compliance
  • Experience in data governance, data architecture, data flow and system architecture to optimize the same
  • Hands-on experience with penetration testing, red teaming, and security patch bypass testing
  • Ability to work independently and must have strong organizational and communication skills
  • Systems / Software (detailed knowledge of the following stack): Mac OS, Python, JavaScript, Ruby, Golang, Java, Kotlin, Postgres, GSuite, Cisco Umbrella, Netskope, Crowdstrike, GitHub, AWS, Heroku, Cloudflare, DataDog, JAMF, etc
  • Experience related to and assistance with ISO27001, ISO27018, NIST 800-53v4, and SOC2 audits is compulsory
  • Degree in Computer Science, cyber security, MIS or equivalent experience desirable but not required
  • Experience in cyber security with demonstrations of responsibility and technical excellence
  • Must be eager to work hard, to learn many new skills, solve problems, and integrate tightly with the rest of the team
Job Responsibility:
  • Define the Cyber Security Strategy for Bugcrowd and identify areas of improvements to the threat landscape, internal risk tolerance objectives, and/or compliance objectives
  • Ensure the technical aspects of vendor acquisitions and tools are safe for Bugcrowd’s use, in unison with the IT and compliance teams
  • Assess corporate technology systems, determine strategy for changes, enhancements and improvements; recommend and implement the same, from the perspective of cyber security
  • Carry out and fulfill the cyber security strategy of Bugcrowd, proactively improving the security posture with time
  • Work with GRC to assist in designing, developing, implementing and coordinating areas of policies and procedures for compliance with SOC-2, NIST 800-53v4, ISO27001, ISO27018, and FedRAMP
  • Represent Bugcrowd in the internal and external audits for SOC-2, ISO27001, and ISO27018
  • Manage Bugcrowd’s bug bounty program, ensuring that clients have a standard to aspire to, when running their own bounty programs
  • Analyze new features prior to development or launch, to ensure the security measures in place are sufficient for the project. (security architecture and security testing)
  • Manage the access controls for Bugcrowd’s production codebase (GitHub)

Sr. Director, Cybersecurity

We specifically seek a hands-on, technical security leader. You bring experience...
Location:
United Kingdom
Salary:
Not provided
Bugcrowd
Expiration Date:
Until further notice
Requirements:
  • Proven work experience leading Cyber Security (penetration testing, red teaming, GRC, IR, secure development, and security architecture) in a startup and growing with the organization
  • Excellent knowledge of technical security controls, including cloud, web application, infrastructure, IT, and compliance
  • Experience in data governance, data architecture, data flow and system architecture to optimize the same
  • Hands-on experience with penetration testing, red teaming, and security patch bypass testing
  • Ability to work independently and must have strong organizational and communication skills
  • Systems / Software (detailed knowledge of the following stack): Mac OS, Python, JavaScript, Ruby, Golang, Java, Kotlin, Postgres, GSuite, Cisco Umbrella, Netskope, Crowdstrike, GitHub, AWS, Heroku, Cloudflare, DataDog, JAMF, etc
  • Experience related to and assistance with ISO27001, ISO27018, NIST 800-53v4, and SOC2 audits is compulsory
  • Degree in Computer Science, cyber security, MIS or equivalent experience desirable but not required
  • Experience in cyber security with demonstrations of responsibility and technical excellence
  • Must be eager to work hard, to learn many new skills, solve problems, and integrate tightly with the rest of the team
Job Responsibility:
  • Define the Cyber Security Strategy for Bugcrowd and identify areas of improvements to the threat landscape, internal risk tolerance objectives, and/or compliance objectives
  • Ensure the technical aspects of vendor acquisitions and tools are safe for Bugcrowd’s use, in unison with the IT and compliance teams
  • Assess corporate technology systems, determine strategy for changes, enhancements and improvements; recommend and implement the same, from the perspective of cyber security
  • Carry out and fulfill the cyber security strategy of Bugcrowd, proactively improving the security posture with time
  • Work with GRC to assist in designing, developing, implementing and coordinating areas of policies and procedures for compliance with SOC-2, NIST 800-53v4, ISO27001, ISO27018, and FedRAMP
  • Represent Bugcrowd in the internal and external audits for SOC-2, ISO27001, and ISO27018
  • Manage Bugcrowd’s bug bounty program, ensuring that clients have a standard to aspire to, when running their own bounty programs
  • Analyze new features prior to development or launch, to ensure the security measures in place are sufficient for the project. (security architecture and security testing)
  • Manage the access controls for Bugcrowd’s production codebase (GitHub)

IT Cybersecurity GRC Director

As our System Director of IT Cybersecurity, you will provide visionary leadershi...
Location:
United States, Englewood
Salary:
66.26 - 98.56 USD / Hour
American Nursing Care
Expiration Date:
Until further notice
Requirements:
  • Bachelors Other or Equivalent job experience accepted
  • 10+ years of demonstrable experience in assessments within a complex healthcare environment
  • 5+ years of leadership experience in internal/external assessments or a related function
  • Demonstrated experience in a current or previous large-scale enterprise risk management or assessment leadership role or equivalent experience
Job Responsibility:
  • Develop and implement comprehensive cybersecurity strategies, plans, and solutions that address clinical and business needs, reduce cybersecurity risk, and increase operational effectiveness
  • Partner with organizational leaders to develop and maintain reference plans, standards, and patterns that inform and drive the organization toward future state objectives in cybersecurity
  • Advise and work with clinical, business, and IT stakeholders on enterprise security direction, strategy, and design, ensuring alignment with organizational objectives and industry best practices
  • Oversee the internal and external Assessments of CommonSpirit Health's vendors, cybersecurity systems, and clinical technology
  • Manage and develop a high-performing Cybersecurity Assessments program and team, fostering a culture of continuous improvement and professional development
  • Stay current on emerging cybersecurity assessment and compliance strategies, and adapt the cybersecurity program accordingly
What we offer:
  • medical
  • prescription drug
  • dental
  • vision plans
  • life insurance
  • paid time off
  • tuition reimbursement
  • retirement plan benefit(s) including, but not limited to, 401(k), 403(b), and other defined benefits offerings
Employment Type:
Fulltime

IT Director

The IT Director will be in charge of setting and implementing IT strategies, man...
Location:
United States, New York
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Proven experience as an IT Director, with a minimum of 7 years in the field
  • Demonstrated proficiency in IT Strategy formulation and implementation
  • Solid understanding and practical experience in Infrastructure Management
  • Proficiency in Cybersecurity compliance and ability to ensure adherence to all relevant regulations
  • Strong experience in Vendor Management, with the ability to negotiate and manage contracts
  • Proven skills in Budget Management, with the ability to optimize IT costs
  • Experience in Disaster Recovery Business Continuity planning and execution
Job Responsibility:
  • Establish and implement a clear IT strategy and roadmap, ensuring alignment with business goals and promoting innovation
  • Oversee all IT infrastructure, such as hardware, software, network systems, and cloud services, ensuring they are reliable, secure, and scalable
  • Spearhead the company’s cybersecurity initiatives, implementing best practices for data protection, risk management, and compliance
  • Create formalized documentation that defines clear roles, responsibilities, and accountability within the IT department
  • Drive the implementation of new technologies that improve operational efficiency, enhance client service, and support business growth
  • Manage relationships with external vendors and service providers, and negotiate or review agreements with IT vendors for applications, infrastructure, and security
  • Oversee the IT department budget, aligning with company financial goals and ensuring cost-effective use of resources
  • Stay updated with emerging technologies and trends, bringing innovative solutions to enhance business performance and client service
  • Define and implement robust disaster recovery and business continuity plans, and establish network redundancy to prevent outage
  • Establish Identity and Access Management solutions to manage user access, and develop documented IT policies and cybersecurity policies in alignment with applicable regulations
What we offer:
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Employment Type:
Fulltime

IT Director

The IT Systems Manager is responsible for the effective management, security, an...
Location:
United States, Denver
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Information Technology, Computer Science, or related field
  • Minimum of seven years of experience in IT roles with at least two years of leadership experience
  • Relevant certifications in cloud, security, or virtualization technologies
  • Expertise in IT systems management including centralized policy frameworks and identity management solutions
  • Experience managing hybrid environments combining on-premises systems and cloud platforms
  • Proficiency in automation tools or scripting
  • Advanced understanding of networking principles, security protocols, and authentication systems
  • Familiarity with virtualization platforms and enterprise-level system configurations
  • Expertise with backup and recovery technologies
  • Solid understanding of industry compliance frameworks such as NIST and SOC2
Job Responsibility:
  • Manage day-to-day operations of IT infrastructure including servers, networks, and cloud systems
  • Oversee implementation and maintenance of backup and recovery technologies
  • Develop and test robust disaster recovery plans
  • Monitor and respond to security events proactively
  • Manage and optimize virtualized systems
  • Collaborate with internal stakeholders to align IT systems with organizational goals
  • Maintain strategic partnerships with vendors and manage contracts
  • Conduct audits, risk assessments, and evaluations for compliance
  • Lead and mentor IT teams
What we offer:
  • Medical, vision, dental, life and disability insurance
  • 401(k) plan
  • Free online training
  • Competitive compensation
Employment Type:
Fulltime

Director of Security

Jeeves is looking for a visionary and hands-on Director of Information Security ...
Location:
Brazil, São Paulo
Salary:
Not provided
Jeeves
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Master's degree preferred
  • 10+ years of progressive experience in information security
  • At least 5 years in a leadership or management role, preferably within a B2B SaaS or FinTech environment
  • Proven experience operating in a global organization with a strong understanding of diverse regulatory landscapes across North America, EMEA, and Latin America (Mexico, Colombia, Brazil)
  • Strong understanding of financial industry security regulations and compliance frameworks (e.g., PCI DSS, SOC 2, ISO 27001, NIST Cybersecurity Framework, GDPR, LGPD)
  • Deep technical expertise across a broad range of security domains, including network security, cloud security (AWS, Azure, GCP), application security, data security, identity and access management, and incident response
  • Experience with various security tools and technologies (SIEM, EDR, WAF, DLP, vulnerability scanners, etc.)
  • Excellent communication, interpersonal, and presentation skills, with the ability to articulate complex security concepts to technical and non-technical audiences, including executive leadership
  • Strong analytical and problem-solving skills, with a proactive and pragmatic approach to security
Job Responsibility:
  • Develop, implement, and maintain a robust global information security strategy aligned with business objectives, regulatory requirements, and industry best practices
  • Lead the evolution of our security roadmap, identifying emerging threats, vulnerabilities, and opportunities for improvement
  • Provide expert guidance and leadership on all aspects of information security to executive management and key stakeholders
  • Oversee the design, implementation, and continuous improvement of security policies, standards, procedures, and guidelines across the organization
  • Manage and mature our security awareness and training programs for all employees, fostering a security-conscious culture
  • Develop and manage the information security budget and resource allocation
  • Establish and maintain an enterprise-wide information security risk management framework, conducting regular risk assessments and managing mitigation plans
  • Ensure compliance with relevant international, regional, and local data privacy and security regulations
  • Lead and coordinate external security audits and assessments, facilitating responses to findings and ensuring timely remediation
  • Oversee security operations, including vulnerability management, penetration testing, security monitoring, and incident detection and response
Employment Type:
Fulltime

Director of Information Security

Jeeves is looking for a visionary and hands-on Director of Information Security ...
Location:
Mexico, Mexico City
Salary:
Not provided
Jeeves
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Master's degree preferred
  • 10+ years of progressive experience in information security
  • At least 5 years in a leadership or management role, preferably within a B2B SaaS or FinTech environment
  • Proven experience operating in a global organization with a strong understanding of diverse regulatory landscapes across North America, EMEA, and Latin America (Mexico, Colombia, Brazil)
  • Strong understanding of financial industry security regulations and compliance frameworks (e.g., PCI DSS, SOC 2, ISO 27001, NIST Cybersecurity Framework, GDPR, LGPD)
  • Deep technical expertise across a broad range of security domains, including network security, cloud security (AWS, Azure, GCP), application security, data security, identity and access management, and incident response
  • Experience with various security tools and technologies (SIEM, EDR, WAF, DLP, vulnerability scanners, etc.)
  • Excellent communication, interpersonal, and presentation skills, with the ability to articulate complex security concepts to technical and non-technical audiences, including executive leadership
  • Strong analytical and problem-solving skills, with a proactive and pragmatic approach to security
Job Responsibility:
  • Develop, implement, and maintain a robust global information security strategy aligned with business objectives, regulatory requirements, and industry best practices
  • Lead the evolution of our security roadmap, identifying emerging threats, vulnerabilities, and opportunities for improvement
  • Provide expert guidance and leadership on all aspects of information security to executive management and key stakeholders
  • Oversee the design, implementation, and continuous improvement of security policies, standards, procedures, and guidelines across the organization
  • Manage and mature our security awareness and training programs for all employees
  • Develop and manage the information security budget and resource allocation
  • Establish and maintain an enterprise-wide information security risk management framework, conducting regular risk assessments and managing mitigation plans
  • Ensure compliance with relevant international, regional, and local data privacy and security regulations
  • Lead and coordinate external security audits and assessments
  • Oversee security operations, including vulnerability management, penetration testing, security monitoring, and incident detection and response
Employment Type:
Fulltime