Ryan LLC
Senior Director, Security Development and Operations
Ryan LLC - Dallas, Texas, United States, 75215
Work at Ryan LLC
Overview
- View job
Overview
Senior Director, Security Development and Operations page is loaded Senior Director, Security Development and Operations Apply locations Dallas time type Full time posted on Posted 30+ Days Ago job requisition id R0016164
Why Ryan? Hybrid Work Options
Award-Winning Culture
Generous Personal Time Off (PTO) Benefits
14-Weeks of 100% Paid Leave for New Parents (Adoption Included)
Monthly Gym Membership Reimbursement OR Gym Equipment Reimbursement
Benefits Eligibility Effective Day One
401K with Employer Match
Tuition Reimbursement After One Year of Service
Fertility Assistance Program
Four-Week Company-Paid Sabbatical Eligibility After Five Years of Service
The Senior Director, Security Development and Operations will provide strategic leadership and oversight of the organization’s integrated security program, encompassing proactive threat management, secure software development practices, incident response, and team development. This leader will be instrumental in evolving the firm’s security posture by refining incident response playbooks, championing a robust Secure Software Development Life Cycle (SDLC), and ensuring a proactive threat hunting and penetration testing regimen. Additionally, they will design and track key performance indicators (KPIs) and metrics to continually assess and enhance the effectiveness of the security operations and development programs. The Senior Director will work cross-functionally with engineering, IT, compliance, and product teams to embed security at every layer of the organization’s technology stack and culture.
Duties and responsibilities, as they align to Ryan’s Key Results People: Team Leadership and Development: Lead, mentor, and grow a high-performing team of security practitioners, including engineers, analysts, and architects, fostering a culture of continuous learning and collaboration. Provide guidance and hands-on training to elevate team capabilities in penetration testing, incident response, and threat hunting. Identify skill gaps, promote professional development, and ensure alignment of security team activities with organizational goals. Client: Security Controls and Solutions Management: Develop and maintain foundational security controls and solutions, including Endpoint Detection and Response (EDR), SIEM platforms, Email Security systems, and Cloud Security controls. Evaluate, select, and optimize security technologies to ensure comprehensive threat coverage, alignment with regulatory requirements, and cost-effective risk reduction. Collaborate with stakeholders to ensure solutions integrate seamlessly with existing infrastructure and workflows. Value: Secure SDLC and Architecture: Partner with engineering, product, and IT teams to design and maintain a robust Secure SDLC, embedding security controls and checks throughout the development pipeline. Review and refine security architecture to ensure that applications and infrastructure adhere to best practices and industry standards. Integrate automated security testing, code analysis, and vulnerability scanning into development workflows to minimize risk and accelerate secure code delivery. Incident Response and Threat Management: Oversee the continuous improvement of incident response playbooks and processes, ensuring efficient, repeatable workflows for detecting and addressing security incidents. Direct proactive threat hunting initiatives, leveraging threat intelligence, advanced analytics, and tooling to identify and mitigate risks before they can be exploited. Guide the implementation of remediation strategies and assess their efficacy against emerging threats. Penetration Testing and Security Assessments: Establish and evolve a formal penetration testing program, ensuring the use of recognized methodologies (e.g., OWASP, PTES) and industry-standard tools. Ensure the team remains current on penetration testing best practices, regularly assessing critical systems, applications, and infrastructure. Oversee the documentation and presentation of penetration testing findings, including recommended remediation steps and timelines. Metrics, KPIs, and Reporting: Define, implement, and regularly review KPIs and metrics to quantify the effectiveness and maturity of security operations, development practices, and threat management efforts. Communicate program performance and trends to executive leadership, along with data-driven recommendations for continuous improvement. Maintain transparency and accountability by delivering clear, concise reports that highlight progress, challenges, and opportunities. Other Threat Management Duties as assigned Education and Experience: Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field; Master’s degree preferred. 12+ years of progressive experience in cybersecurity, including leadership roles overseeing SOC operations, secure development practices, and proactive threat management. Demonstrated success in guiding teams through complex security initiatives and maturing security programs. Computer Skills: Strong proficiency in both Microsoft Windows and Linux operating systems. Ability to write and understand code and scripting languages (e.g., Python, Bash, PowerShell) for automation, tooling integration, and validation of security controls. Understanding of common penetration testing methodologies and primary security assessment tools (e.g., Nmap, Metasploit, Burp Suite). Knowledge of foundational security controls (EDR, SIEM, Email Security gateways, Cloud Security platforms) and their strategic deployment. Familiarity with regulatory frameworks, compliance standards (e.g., NIST CSF 2.0, SOC2), and industry best practices. Certificates and Licenses: CISSP, OSCP, CEH, GCIH, or similar certifications preferred. Valid driver’s license required. Supervisory Responsibilities: This position will have supervisory responsibilities, overseeing multiple security team members and functions. Equal Opportunity Employer: disability/veteran
About Us
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Ryan LLC (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status). Job duties related to this role are to be conducted in a manner that adheres to privacy laws, as well as follows internal governance related to protecting confidential information and trade secrets, and to securing data and company records. Ryan, LLC is an equal opportunity employer and is committed to compliance with all applicable laws prohibiting employment discrimination. It is our policy to take all employment actions and make all employment decisions without regard to race, color, religion, creed, gender, sex (including pregnancy), affectional or sexual orientation, gender identity or expression, national origin, ancestry, age, marital status, citizenship status, genetic predisposition or carrier status, disability, military status, status as a disabled or other protected veteran or any other protected status under applicable law. It is Ryan's policy to make reasonable accommodation for qualified individuals with disabilities. Please contact our People Group at 972.934.0022 or
peoplegroup@ryan.com
if you are interested in applying and need assistance to submit your application, or if you are interested in a position and believe you may require a reasonable a ccommodation in order for you to perform its essential functions. Click
here
to view the entire EEO poster and supplement. *Notice to Canada Candidates – In accordance with the Accessibility for Ontarians with Disabilities Act ( AODA ) and the Canadian Human Rights Act , Ryan ULC will provide accommodation, accessible formats and communication supports for the interview upon request. Ryan welcomes and encourages applications from people with disabilities*. Please access our Privacy Notice in relation to this at the following link for additional information on how we protect and handle personal information . To change or modify any personal information previously provided, please
click here
to access our Data Subject Access Request form .
#J-18808-Ljbffr
Why Ryan? Hybrid Work Options
Award-Winning Culture
Generous Personal Time Off (PTO) Benefits
14-Weeks of 100% Paid Leave for New Parents (Adoption Included)
Monthly Gym Membership Reimbursement OR Gym Equipment Reimbursement
Benefits Eligibility Effective Day One
401K with Employer Match
Tuition Reimbursement After One Year of Service
Fertility Assistance Program
Four-Week Company-Paid Sabbatical Eligibility After Five Years of Service
The Senior Director, Security Development and Operations will provide strategic leadership and oversight of the organization’s integrated security program, encompassing proactive threat management, secure software development practices, incident response, and team development. This leader will be instrumental in evolving the firm’s security posture by refining incident response playbooks, championing a robust Secure Software Development Life Cycle (SDLC), and ensuring a proactive threat hunting and penetration testing regimen. Additionally, they will design and track key performance indicators (KPIs) and metrics to continually assess and enhance the effectiveness of the security operations and development programs. The Senior Director will work cross-functionally with engineering, IT, compliance, and product teams to embed security at every layer of the organization’s technology stack and culture.
Duties and responsibilities, as they align to Ryan’s Key Results People: Team Leadership and Development: Lead, mentor, and grow a high-performing team of security practitioners, including engineers, analysts, and architects, fostering a culture of continuous learning and collaboration. Provide guidance and hands-on training to elevate team capabilities in penetration testing, incident response, and threat hunting. Identify skill gaps, promote professional development, and ensure alignment of security team activities with organizational goals. Client: Security Controls and Solutions Management: Develop and maintain foundational security controls and solutions, including Endpoint Detection and Response (EDR), SIEM platforms, Email Security systems, and Cloud Security controls. Evaluate, select, and optimize security technologies to ensure comprehensive threat coverage, alignment with regulatory requirements, and cost-effective risk reduction. Collaborate with stakeholders to ensure solutions integrate seamlessly with existing infrastructure and workflows. Value: Secure SDLC and Architecture: Partner with engineering, product, and IT teams to design and maintain a robust Secure SDLC, embedding security controls and checks throughout the development pipeline. Review and refine security architecture to ensure that applications and infrastructure adhere to best practices and industry standards. Integrate automated security testing, code analysis, and vulnerability scanning into development workflows to minimize risk and accelerate secure code delivery. Incident Response and Threat Management: Oversee the continuous improvement of incident response playbooks and processes, ensuring efficient, repeatable workflows for detecting and addressing security incidents. Direct proactive threat hunting initiatives, leveraging threat intelligence, advanced analytics, and tooling to identify and mitigate risks before they can be exploited. Guide the implementation of remediation strategies and assess their efficacy against emerging threats. Penetration Testing and Security Assessments: Establish and evolve a formal penetration testing program, ensuring the use of recognized methodologies (e.g., OWASP, PTES) and industry-standard tools. Ensure the team remains current on penetration testing best practices, regularly assessing critical systems, applications, and infrastructure. Oversee the documentation and presentation of penetration testing findings, including recommended remediation steps and timelines. Metrics, KPIs, and Reporting: Define, implement, and regularly review KPIs and metrics to quantify the effectiveness and maturity of security operations, development practices, and threat management efforts. Communicate program performance and trends to executive leadership, along with data-driven recommendations for continuous improvement. Maintain transparency and accountability by delivering clear, concise reports that highlight progress, challenges, and opportunities. Other Threat Management Duties as assigned Education and Experience: Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field; Master’s degree preferred. 12+ years of progressive experience in cybersecurity, including leadership roles overseeing SOC operations, secure development practices, and proactive threat management. Demonstrated success in guiding teams through complex security initiatives and maturing security programs. Computer Skills: Strong proficiency in both Microsoft Windows and Linux operating systems. Ability to write and understand code and scripting languages (e.g., Python, Bash, PowerShell) for automation, tooling integration, and validation of security controls. Understanding of common penetration testing methodologies and primary security assessment tools (e.g., Nmap, Metasploit, Burp Suite). Knowledge of foundational security controls (EDR, SIEM, Email Security gateways, Cloud Security platforms) and their strategic deployment. Familiarity with regulatory frameworks, compliance standards (e.g., NIST CSF 2.0, SOC2), and industry best practices. Certificates and Licenses: CISSP, OSCP, CEH, GCIH, or similar certifications preferred. Valid driver’s license required. Supervisory Responsibilities: This position will have supervisory responsibilities, overseeing multiple security team members and functions. Equal Opportunity Employer: disability/veteran
About Us
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Ryan LLC (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status). Job duties related to this role are to be conducted in a manner that adheres to privacy laws, as well as follows internal governance related to protecting confidential information and trade secrets, and to securing data and company records. Ryan, LLC is an equal opportunity employer and is committed to compliance with all applicable laws prohibiting employment discrimination. It is our policy to take all employment actions and make all employment decisions without regard to race, color, religion, creed, gender, sex (including pregnancy), affectional or sexual orientation, gender identity or expression, national origin, ancestry, age, marital status, citizenship status, genetic predisposition or carrier status, disability, military status, status as a disabled or other protected veteran or any other protected status under applicable law. It is Ryan's policy to make reasonable accommodation for qualified individuals with disabilities. Please contact our People Group at 972.934.0022 or
peoplegroup@ryan.com
if you are interested in applying and need assistance to submit your application, or if you are interested in a position and believe you may require a reasonable a ccommodation in order for you to perform its essential functions. Click
here
to view the entire EEO poster and supplement. *Notice to Canada Candidates – In accordance with the Accessibility for Ontarians with Disabilities Act ( AODA ) and the Canadian Human Rights Act , Ryan ULC will provide accommodation, accessible formats and communication supports for the interview upon request. Ryan welcomes and encourages applications from people with disabilities*. Please access our Privacy Notice in relation to this at the following link for additional information on how we protect and handle personal information . To change or modify any personal information previously provided, please
click here
to access our Data Subject Access Request form .
#J-18808-Ljbffr