Cyber Security Director

About Us

Crescendo is a leading AI company creating CX Solutions for brands in SaaS, HealthTech, FinTech, eCommerce, and beyond. We are creating a brand new category in the market called Augmented AI — a combination of omnichannel Agentic AI and live human agents to provide customers with end-to-end CX solutions in any language, 24/7.

The Role

The Cyber Security Director is responsible for leading and continuing to build Crescendo’s cyber security program, covering internal systems and software products, to safeguard the organization’s digital assets. The Cyber Security Director will work jointly with the IT, Legal, Product, and Engineering departments to ensure Crescendo digital assets and systems are adequately protected from threats. This role will lead the InfoSec and Security Operations functions and report to the VP, Information Systems and Security.

What You’ll Do:

• Own strategy and vision for the cyber security program, communicating that strategy to the rest of the business, and establishing best practices for the program.
• Represent cyber security for the company, both internally and to external stakeholders.
• Oversee implementation of appropriate technical controls and system configurations.
• Collaborate with IT and Engineering to minimize security risks through implementation of secure configurations and periodic reviews.
• Collaborate with IT and Engineering to evolve technical threat detection and incident response processes. Represent the company during incidents.
• Perform regular internal risk and security assessments; propose solutions and practices designed to mitigate risk and meet best-practices requirements.
• Oversee defensive and offensive security practices, including but not limited to regular risk assessments and penetration testing.
• Lead the InfoSec team in maintaining and improving global security posture and certifications such as ISO 27001, SOC2, and PCI. Recommend future security strategies.
• Evolve and enhance the Security Operations Center to meet changing business and technical requirements. 
• Actively monitor and keep up to date with the latest trends and emerging threats in cyber security principles and practices.
• Manage, train, and provide mentorship to associates on the cybersecurity team; hire for new positions as the team grows.

What We Expect From You:

• Working knowledge of automation techniques and tools in security (Vanta, intruder).
• Working knowledge of AI.
• 5 to 10 years of experience in cybersecurity, security management, and compliance within a cloud-based environment.
• Deep understanding of cybersecurity principles, AI security risks, including data privacy, adversarial attacks, and compliance with AI-related regulations (e.g., EU AI Act, NIST AI Risk Management Framework).
• Experience securing SaaS, cloud-native, and AI-powered platforms, preferably in AWS or Google Cloud.
• Ability to communicate security posture effectively to customers and prospects and fully engage in technical conversations if required.
• Technical experience securing modern SaaS applications throughout the application lifecycle in a variety of modern cloud environments.
• Security certifications such as CISSP, CISM, etc.
• Technical knowledge of threat modeling, OWASP principles, and secure SDLC processes.
• Experience working with red team / blue team operations.
• Knowledge of ethical hacking.
• Strong technical background in cyber security and knowledge of the relevant principles, techniques, trends, best practices, and standards.
• Familiarity with implementation of / adherence to applicable standards and regulations such as SSAE16 (SOC1, SOC2, SOC3), ISO 2700X, NIST, HIPAA, PCI-DSS.
• Familiarity with privacy regulations such as GDPR, CCPA, and legal aspects related to data protection.
• Experience with risk management and security assessment/audit activities.
• Experience managing remote and/or dispersed teams.
• Ability to communicate complex cyber security topics to executive and senior management teams, recommend strategies and solutions, and put them into practice.

What You’ll Get In Return:

• Remote working arrangements 
• Competitive Base Salary
• Generous paid vacation
• Attractive benefits package including medical, dental, and vision options that are applicable per country of residence for all our full-time employees
• Training opportunities provided by Crescendo and outside entities
• 1-on-1 coaching with feedback sessions, mentorship, and opportunities for cross-functional development

Company Culture Is At Our Core:

Our core values bring intention to our work and set the tone for our culture. From the partners we serve to the associates who work with us, we share a set of core values that guide our actions.

• Care for others - Cooperate, empathize, and seek opportunities to put each other first.
• Embrace growth - Expand your mind by taking calculated risks, developing your skills, and staying open to change
• Manifest trust - Trust is the bond that allows us to work at our highest levels, as members of a team, in a unified direction. It is continuously earned by delivering on our commitments.
• Take ownership - Doing the right thing should come naturally.
• Be humble - Seek guidance, receive feedback, ask questions, and listen to your colleagues

Crescendo is proud to be an equal-opportunity workplace. We value diversity, inclusion, equity, and belonging and these pillars are at the heart of how we work together. We are committed to providing equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, Veteran status, or any other applicable legally protected characteristics in the location in which the candidate is applying. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

We are committed to the inclusion of all individuals and will make reasonable accommodations for qualified individuals with disabilities in our job application process. If you require assistance or accommodations to participate in the job application or interview process, please contact [email protected].