Director Information Security

• Lead the information security function, including day-to-day management and development of security analysts.
• Establish and enforce security policies, standards, and control requirements; verify consistent implementation.
• Own application security for Celink's proprietary servicing platform, influencing secure SDLC practices and engineering standards.
• Partner with application and infrastructure teams to prioritize, remediate, and track application and system vulnerabilities.
• Own vulnerability management and detection, including tool configuration, tuning, and operating metrics.
• Supervise intake and triage of security alerts from internal tools, managed service providers, and user-reported incidents.
• Oversee governance and security controls for the use of AI tools (including generative AI) in day-to-day work and for AI capabilities embedded in our systems.
• Serve as a member of the Cybersecurity Incident Response Team (CIRT), coordinating investigation, containment, and post-incident improvements.
• Oversee audit and compliance support activities (e.g., access reviews) and partner with stakeholders on evidence and reporting.
• Report security posture, control health, and key risks to technology leadership and the risk organization.
• Manage cybersecurity tool budgets and vendor relationships, including selection, oversight, and issue resolution.
• Provide on-call support as required., * Security frameworks and controls: CIS Controls (v8), NIST CSF, and risk-based control design.
• Application security leadership: secure SDLC, threat modeling, secure design reviews, and developer enablement.
• Modern AppSec techniques and standards: OWASP Top 10 (Web/API), SAST/DAST/SCA, and vulnerability remediation practices.
• Cloud security (AWS preferred): identity and access, network segmentation, logging/monitoring, and secure configuration of cloud resources.
• AI security and governance: secure use of AI tools and AI-enabled features (including LLM/GenAI), prompt/data handling controls, model and vendor risk considerations, and security testing/monitoring for AI integrations.
• Security tooling across SIEM, EDR/MDR/XDR, vulnerability management, and email security; ability to tune detections and operating metrics.
• Operating systems fundamentals: working knowledge of Linux and Windows administration, hardening, and troubleshooting.
• Network and infrastructure security fundamentals: TCP/IP, network architecture, firewalls, IDS/IPS, and common infrastructure vulnerabilities.
• Data protection concepts: encryption, key management fundamentals, data classification, and common data-loss risks.
• Automation capability: scripting to streamline analysis, security testing, integrations, and operational workflows.
• Security reporting and analytics: ability to use PowerPoint, Excel, Power BI, or similar tools to communicate risk, trends, and control health.
• Incident response exposure (preferred): forensics fundamentals, attacker tactics/techniques, and penetration testing concepts.

Skills and Abilities

• Executive communication: clearly articulate cybersecurity risk, control posture, and priorities to technical and business audiences.
• Security leadership: hire, coach, and retain talent; set expectations, operating cadence, and performance standards.
• Program and delivery management: translate strategy into roadmaps, measurable outcomes, and continuous improvement.
• Stakeholder partnership: influence engineering, infrastructure, and risk partners to embed security into product and operational decisions.
• Sound judgment under pressure: prioritize competing risks, make timely decisions, and drive issues to resolution.
• Operational discipline: establish repeatable processes (intake, triage, escalation, evidence, reporting) and drive follow-through.
• Collaboration and customer focus: work effectively with end users, business leaders, auditors, and IT teams in a remote environment.

Bachelor's degree in computer science, information security or another related field

Advanced degree in Cybersecurity, Computer Science, or related field preferred., * 10+ years of experience in Information Technology

• 5+ years of experience in security risk and compliance management, assessment, auditing, research and/or consulting
• Proven track record of developing and implementing effective security programs.
• Strong understanding of industry best practices and regulatory requirements.

Professional Certification/License

Industry related certifications (CISA, CRISC, CISM, CISSP) strongly desired. Cloud and DevOps related certifications are a big plus.

Parental leave, Health insurance, 401(k) matching, Paid time off, Vision insurance, Health savings account, Dental insurance, Flexible spending account On call

Remote in Austin, TX 78728

Full job description

Why work at Celink

Discover a different kind of workplace at Celink. You'll join a passionate team of servicing professionals dedicated to our clients, their borrowers, and the reverse mortgage industry.

At Celink, you'll have the opportunity to make a meaningful impact within a fast-moving organization while working alongside experienced, mission-driven professionals. We value strategic thinking, collaboration, and integrity and constantly strive to be best in class.

Joining Celink means being part of a collaborative workplace that values innovation, thoughtful problem-solving, and continuous growth. Employees are encouraged to rethink traditional approaches, share bold ideas, and continuously learn and thrive.

What Sets Celink Apart

Flexible, remote work environment that supports work-life balance

• Supportive, collaborative team culture built on respect and partnership
• Opportunities to learn, build skills, and contribute to meaningful outcomes
• Emphasis on quality, consistency, and reliable support in everyday work

Total Rewards & Benefits

Celink offers a comprehensive and competitive total rewards package designed to support employees' financial, physical, and emotional well-being, including:

• Comprehensive medical, dental, and vision coverage with multiple plan options
• Health Savings Account (HSA) and Flexible Spending Accounts (FSA), including dependent care
• 401(k) with employer match and immediate vesting
• Employer-paid life insurance, disability coverage, and parental leave
• Generous paid time off, paid holidays, and flexible work arrangements, Compensation: The salary range for this position is $134,721.60 - $168,667.20. Actual compensation will be determined based on factors such as job-related knowledge, skills, experience, and geographic location., Work is performed predominately remote, but some work might be performed onsite at a Celink facility. There may be some travel with overnight stays. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.