• Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives
• Collaborate with executive leadership to identify and prioritize security initiatives
• Provide regular updates on cybersecurity risks, incidents, and mitigation strategies to Curia leadership and board of directors
• Assess, monitor, and mitigate information security risks across the organization
• Implement security frameworks such as NIST, ISO 27001, or others as applicable
• Lead security risk assessments, audits, and vulnerability management to ensure compliance and system integrity
• Manage Cybersecurity operations, threat and vulnerability management programs
• Develop and monitor key performance indicator (KPI) metrics; track and report on overall information security performance
• Establish and oversee incident response protocols and teams to address potential cybersecurity breaches.
• Lead post-incident reviews to strengthen defenses and update policies.
• Ensure business continuity and disaster recovery plans are robust and tested.
• Ensure compliance with relevant regulations and standards (e.g., GDPR, HIPAA, SOX)
• Establish and maintain policies, procedures, and guidelines to protect sensitive data and intellectual property
• Oversee security awareness training programs for employees
• Evaluate, procure, and deploy security technologies to address emerging threats
• Monitor advancements in cybersecurity tools and techniques to maintain cutting-edge defenses.
• Partner with IT teams to integrate security measures into system design and architecture
• Build and manage a high-performing information security team
• Foster a culture of accountability, innovation, and continuous learning within the security organization
• Mentor and develop security personnel to enhance organizational capabilities operations function within the company

Required Qualifications

​

• Bachelor’s degree in information security or Computer Science or related field
• 10-15 years of experience in Cybersecurity or Cyber Incident Response or Information Technology
• 3+ years of experience in managing Incident Response and Vulnerability Management or other security operations areas
• GCIA, GCIH, GIAC, CISSP, CISA, CEH, or similar certification
• Demonstrated experience applying security and risk frameworks, and regulations such as NIST CSF/800-53/800-171, Cyber Kill Chain, MITRE ATT&CK, OWASP, CSA, etc.
• Deep technical knowledge and experience in SIEM technology, threat intelligence platforms, vulnerability assessment tools, cloud platforms, EDR, Cyber threats and attack vectors, exploitation methods, and IOC and TTP’s
• Experience in threat modeling, threat hunting and intelligence, incident response tabletop exercises, and process automation
• Experience with penetration testing, threat assessments, and vulnerability assessments
• Experience in cybersecurity architecture, cloud security, risk assessment and management, network Security, identity and access management, data security and governance
• Experience managing compliance with global regulatory requirements

Pay Range: $164,000-$212,730/year

​

Education, experience, location and tenure may be considered along with internal equity when job offers are extended.

​

We do not accept unsolicited assistance from any headhunters or recruitment firms for any of our job openings. All resumes or profiles submitted by search firms to any employee at Curia, in any form without a valid, signed search agreement by an authorized signatory in place for the specific position, approved by Talent Acquisition, will be deemed the sole property of Curia. No fee will be paid in the event the candidate is hired by Curia because of the unsolicited referral.

​

All interested applicants must apply online. Please be aware of scammers. Curia will only send offer letters and requests for sensitive personal information from a curiaglobal.com email address. Curia is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Curia is an E-Verify employer.