Cybersecurity Director

About the Company

Business Wire, part of Berkshire Hathaway, is a worldwide leader in press release distribution and regulatory disclosure. The organization focuses on helping companies of all sizes share important market news and multimedia accurately, while also driving audience engagement and meaningful interaction.

Role Overview

The Cybersecurity Director will provide enterprise-wide leadership for Business Wire’s security function. This position owns cybersecurity strategy, security architecture and infrastructure oversight, risk-based decision-making, and the ongoing development of a strong Governance, Risk, and Compliance (GRC) program.

The role partners closely with teams across the business to safeguard current products and to support new client solutions delivered through data centers and cloud environments. It also oversees an external cyber defense partner and drives work across cloud security, application security, identity and access management, Zero Trust, vulnerability management, email protection, data security, privacy, and emerging risks such as AI.

In addition, this leader will strengthen security governance, support internal and external audits, build a security-minded culture, and help business teams weave risk management into day-to-day operations.

Key Responsibilities

• Design and sustain the cybersecurity and GRC roadmap so it stays aligned with broader business goals.
• Continuously improve security controls and approaches to better protect critical systems, information, and assets.
• Lead decision-making on complex security and regulatory matters.
• Own the GRC program to support corporate audits, customer reviews, and requirements such as PCI DSS, SOC 2, and ISO 27001, while ensuring all audit obligations are met.
• Drive periodic risk reviews, penetration testing, and vulnerability assessments to uncover and reduce threats across infrastructure, applications, and data.
• Oversee the preparation and distribution of security communications, including awareness campaigns, training notices, policy updates, alerts, and incident-related messaging.
• Manage the relationship with the external cyber defense provider, including evaluation of service quality and alignment with Business Wire’s security priorities.
• Lead cybersecurity incident response at the executive level and coordinate with IT, Legal, HR, Privacy, Communications, and other stakeholders as needed.
• Guide the development and improvement of governance programs, security policies, standards, and secure architecture guidance.
• Direct enterprise risk assessments and ensure remediation actions are prioritized and completed; also steer privacy and data protection initiatives.
• Mentor and develop cybersecurity and GRC team members while promoting strong delivery, growth, and collaboration.
• Serve as a strategic advisor to senior leaders on risk, architecture decisions, and security planning.
• Use performance metrics to measure the effectiveness of security, governance, and compliance initiatives.
• Communicate technical topics clearly and convert them into practical business-focused actions.

Requirements

• Bachelor’s or master’s degree in Computer Science, Information Security, or a related discipline.
• At least 10 years of relevant information security experience, including 5 or more years in managerial and strategic leadership roles.
• Working knowledge of data protection, privacy laws, and cybersecurity governance frameworks.
• Strong background in cloud security, including AWS and Azure, plus cybersecurity architecture, application security, identity management, and Zero Trust.
• Experience with encryption, access controls, code review practices, and secure coding.
• Proven ability to design and implement GRC frameworks and risk management processes.
• Familiarity with PCI DSS, SOC 2, and ISO 27001 compliance requirements.
• CISSP or an equivalent security certification is an advantage.
• Strong capability in leadership and team development.
• Excellent written and verbal communication skills for working with executives, internal partners, and external stakeholders, along with the ability to simplify complex security matters and provide constructive feedback.
• Highly organized, analytical, detail-focused, proactive, and persistent.
• Experience managing external security service providers or technology partners.
• Applicants must not require employment sponsorship in the United States.
• A pre-employment background check will be completed after an offer is accepted.

Compensation and Benefits

The base pay for this role is $230,000 to $245,000 per year. Final compensation depends on factors such as education, experience, knowledge, skills, abilities, internal equity, and market data. The company may revise the salary range at its discretion.

• Remote work option.
• Health coverage starting on the first day of employment.
• $100 monthly fitness allowance, tuition reimbursement, and expanded mental health support.
• 401(k) plan with a generous company match and annual profit-sharing contribution, subject to company performance.
• Paid time off, floating holidays, a wellness day off, a birthday day off, and additional leave benefits.

Equal Opportunity and Hiring Notes

Business Wire is an equal opportunity employer and considers all qualified candidates regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or veteran status. In line with applicable fair chance laws and company policy, applicants with arrest or conviction records may also be considered.