Director of Cybersecurity

Lightpath is one of the largest competitive local exchange carriers in the tri-state area. We own and operate our infrastructure "from the ground up" by deploying over 20,000 route miles connecting 13,500 on-net/LIT buildings. With a strong portfolio of cutting edge solutions for Internet, WAN, Voice, SD-WAN, Security & Cloud services, we enable Enterprise customers of all sizes the ability to react to new challenges while developing best practices for the future. With Lightpath's continued focus on network excellence and a "customer first" service commitment, we are building a workforce of the best talent that will meet the needs of our customers and reflect the diverse communities we serve.

Job Summary

We're seeking a seasoned Director of Cybersecurity to lead our enterprise security program. This role combines deep hands-on technical expertise with strategic leadership-you'll architect, implement, and continuously improve our security posture across network, infrastructure, cloud, and applications, while building processes that meet SOC compliance objectives. You will manage a small, high-impact team and coordinate closely with managed service providers (MSPs) and other vendors to deliver measurable risk reduction.

Responsibilities

Strategy, Governance & Compliance

• Own the enterprise cybersecurity strategy aligned to business objectives, risk appetite, and regulatory obligations (e.g., SOC 2, NIST CSF, ISO 27001).
• Create and enforce comprehensive security policies, incident response plans, and disaster recovery protocols across the organization.
• Lead audit readiness and evidence collection for SOC compliance; coordinate corrective actions and continuous control monitoring.
• Establish and run security risk management (asset classification, threat modeling, risk assessments, control design).
• Develop security awareness programs targeting phishing resilience, data handling, and secure practices.
• Present security posture, metrics, and risk to leadership; influence budget, roadmap, and prioritization.

Technical Operations (Hands-On)

• Infrastructure Defense: Maintain hands-on oversight of SIEM (Security Information and Event Management), Email Gateways, and Endpoint Protection (EDR/XDR), Identity Management, and other key technology components.
• Network Security: Utilize deep networking knowledge to secure complex B2B telecom environments, managing firewalls, VPNs, and LAN/WAN security.
• Incident Response: Serve as the technical lead for security incidents, performing root-cause analysis and remediation.

Team & Vendor Leadership

• Team Management: Mentor and manage a small, high-performing team of security analysts/engineers.
• Vendor Relations: Oversee Managed Security Service Providers (MSSPs) and third-party security vendors to ensure 24/7 coverage and SLA adherence.
• Drive third-party risk management (security questionnaires, due diligence, contractual controls, continuous monitoring).

Qualifications

• 10+ years in cybersecurity, with 5+ years in leadership roles managing small technical teams and vendors.
• SIEM engineering and operations (rule creation, tuning, threat detection).
• Email security gateways and anti-phishing controls (DMARC/DKIM/SPF).
• Endpoint protection/EDR/XDR tools and response workflows.
• Network security: firewalls (L3/L7), IPS/IDS, segmentation, routing/switching fundamentals, BGP/OSPF, VPN, NAC.
• Demonstrated experience building and auditing controls toward SOC 2 compliance; familiarity with NIST CSF, ISO 27001.
• Strong knowledge of incident response, threat hunting, vulnerability management, identity & access management, and data protection.
• Proficiency in log management, automation/scripting (e.g., Python, PowerShell), and security tool integrations/APIs.
• Excellent communication skills-able to translate technical risk into business impact and influence executive stakeholders.

Preferred Qualifications

• Experience in telecommunications or other B2B service provider environments (multi-tenant, high-availability, customer SLAs).
• Exposure to packet capture/analysis (e.g., Wireshark), NetFlow, and network forensics.
• Knowledge of Zero Trust architectures and SASE/ZTNA implementations.
• Certifications: CISSP, CISM, GCIH, GCIA, OSCP, CCSP, CEH, Security+, or equivalent.
• Experience with Cloud Security (AWS/Azure/GCP), KMS, Secrets Management, CSPM/CIEM.
• Familiarity with privacy and data protection standards (e.g., GDPR, CCPA) and customer audit support.

Key Performance Indicators (KPIs)

• Time to Detect/Respond/Contain (MTTD/MTTR/MTTC) and incident severity trends.
• Control maturity and audit findings (closure rate, remediation timelines) for SOC readiness.
• Vulnerability SLAs: time to remediate, risk reduction across critical assets.
• Coverage and fidelity of detections (false positive rates, alert-to-incident conversion).
• Phishing resilience: campaign results, reporting rate, click rate reduction.
• Vendor performance: SLA adherence, cost-effectiveness, roadmap delivery.
• Business alignment: on-time delivery of secure projects, stakeholder satisfaction.

Lightpath is an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.

Lightpath collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.

This position is identified as being performed in/or reporting to company operations in New York State. The pay range at the time of posting in the specified locations is $150,000 - $200,000/year. Pay ranges are supplied in compliance with New York State law. Pay is competitive and based on a number of job-related factors, including skills and experience. Some of our featured benefits include medical, dental, vision insurance, yearly bonus program and company matched 401k.