Director, Cybersecurity

• Cyber Defense & Threat Intelligence: Own API’s cyber defense strategy across threat intelligence, detection, incident response, and product fraud and abuse. Translate adversarial research into actionable controls, detection rules, and response procedures.
• SOC Operations: Lead and manage the SOC MSSP, ensuring 24x7x365 monitoring, investigation, and response. Set performance standards, drive operational accountability, and continuously improve SOC effectiveness.
• Cloud Security: Manage API’s cloud security posture across AWS and Azure, applying defense-in-depth best practices to protect cloud-native and hybrid environments.
• Security Engineering Partnership: Partner with engineering to embed security into product development from the ground up — ensuring secure-by-default practices across cloud-hosted workloads and applications.
• Incident Response: Lead containment, recovery, and postmortem activities for security incidents. Establish measurable benchmarks to track program maturity and drive continuous improvement.
• Frameworks & Architecture: Apply NIST, MITRE ATT&CK, and the Cyber Kill Chain to guide security architecture, detection strategy, and response procedures. Maintain current security architecture diagrams and documentation.
• Metrics & Reporting: Develop and maintain scorecards that measure SOC effectiveness and organizational risk. Report regularly to security and business leadership with clear, actionable insights.
• Automation & Innovation: Identify and implement automation technologies to improve threat detection, prevention, and response at scale.
• Team Development: Empower and develop SOC analysts and team members, fostering a culture of accountability, continuous learning, and strong cybersecurity practice.

• SOC performance metrics demonstrate measurable improvements in mean time to detect (MTTD) and mean time to respond (MTTR).
• Cloud security posture scores improve consistently in AWS and Azure environments.
• Security is embedded into the product development lifecycle with no critical vulnerabilities at release.
• Incident response playbooks are documented, tested, and continuously refined.
• High team engagement and development of SOC analyst capabilities.
• Security risks are communicated clearly to executive leadership with actionable recommendations.

• 7–10+ years of progressive cybersecurity experience, with demonstrated leadership in security operations, threat detection, and incident response.
• Proven track record managing a SOC or MSSP relationship, including 24x7 operational oversight and performance management.
• Hands-on experience with AWS and Azure, including cloud security posture management and securing cloud-native and hybrid environments.
• Strong background in threat intelligence and adversarial techniques, applying frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain.
• Experience developing security metrics and scorecards for both operational teams and executive leadership.
• Proven ability to lead incident response from containment through postmortem, with measurable program improvement benchmarks.
• Background in security engineering and architecture — particularly designing defensible systems — is a plus.

• Working knowledge of CASB, SASE, firewalls, VPN, IDS, endpoint security, DLP, EDR/AV, and SIEM.
• Strong experience with Microsoft O365 security capabilities and administration.
• Familiarity with automation technologies supporting threat detection, prevention, and response.

• Proven ability to lead, develop, and motivate technical teams including SOC analysts.
• Communicates effectively at staff and executive levels — translating complex security risks into clear business context.
• Balances security requirements with business operations and innovation, building credibility across technology and business units.
• Organized, efficient self-starter capable of managing multiple priorities with minimal supervision.

• Bachelor’s degree in Cybersecurity, Computer Science, MIS, or equivalent experience; Master’s degree desirable.
• Preferred certifications (not required): GSEC, GCIA, GCIH, GCFE, GCFA, CISSP, CISM, or CISA.

Who We Are

API is the global leader for crew accommodation solutions, and we are changing the way businesses manage travel. Our technology platform streamlines the entire crew planning process, making day-to-day operations more efficient and elevating the crew layover experience. API’s proprietary technology, mobile solutions and our experienced team are positioned to offer our clients a complete, end-to-end platform that integrates seamlessly into their process. We are looking for dynamic, creative, and tech savvy individuals to join our team. If you are passionate about hard work, providing impeccable service, technology, and solutions to our clients then API may be a great fit for you!

Other Duties

Duties, responsibilities and activities may change at any time according to business needs.

The performance of additional responsibilities if you are designated as a Data Protection Champion (DPC), Senior Information Risk Owner (SIRO) or Information Assurance Accounting Officer (IAAO).

Work Environment

This position operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand, walk; use hands to finger, handle or feel; and reach with hands and arms.

AAP/EEO Statement

Accommodations Plus International is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws. Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment.