The Company: NorthMark Strategies is a leading investment firm, combining capital, innovation, and engineering to drive long-term value. From operating complex businesses to backing breakthrough technologies, our mission is to build enduring businesses. Our team combines intelligent risk-taking, operational excellence, exceptional talent, and world-class computing capacity to create shareholder value. Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities. At NorthMark Strategies, we believe the future isn’t something to hope for, it’s something to build. We don’t just invest, we create. Bringing together strategic insight and technical horsepower to deliver outcomes that endure. The Position: NorthMark Strategies is seeking an experienced Director of Information Security to lead the cybersecurity program of the Atlassian Williams Racing team, ensuring the protection of sensitive intellectual property, critical resources, and global operations. This pivotal role combines technical expertise with strategic business engagement, ensuring that security is seamlessly integrated across both racing and commercial activities. This role will oversee the organization’s security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance. The Director will work closely and report to the NorthMark Strategies CISO to manage risk, align security initiatives to Enterprise standards, and safeguard the team’s digital assets across hybrid cloud, corporate, and trackside environments. Responsibilities: Strategic Leadership & Business Partnership Act as a trusted advisor to leadership across racing operations, engineering, and corporate functions. Translate cybersecurity risks into business terms, enabling executives to make informed, risk-based decisions. Align with the wider group to support end-to-end security across hybrid environments private, public cloud, and trackside, edge locations. Define and drive the overall security roadmap, ensuring it evolves with the business and threat landscape. Lead security benchmarking and strategic planning for the organization Continuous assessment of risk across the organization paired with the ability to implement risk treatment plans that do not hamper innovation Demonstrated ability to influence and inspire at all levels of the organization Track record of sitting on management boards or senior leadership teams, including C-Suite, contributing to high-level decision-making Strong credibility, able to build trust in complex stakeholder environments Skilled in navigating high-stakes conversations and representing the business in critical forums Adept at building trusted relationships with senior leaders and external partners Technical & Operational Oversight Oversee network security architecture, monitoring, and the segmentation of a complex network. Manage Privileged Access Management (PAM) platforms, enforcing robust identity and access controls. Drive cloud security initiatives across Azure and AWS, including monitoring, workload protection, and identity governance. Oversee vulnerability management for hybrid cloud environments, integrating tools such as Wiz, Axonius, and ServiceNow. Oversee advanced data loss prevention (DLP) and insider risk management to protect race strategies, car designs, and simulations. Partner with IT and Operations to ensure resilience in the event of cyber incidents or infrastructure outages. Coordinate penetration testing, red team exercises, and remediation activities. Support the right secure-by-design principles and DevSecOps practices into software and AI development lifecycles. Support and safeguard AI models and data against tampering, bias, and adversarial attacks. Protect developer tools and CI/CD pipelines from supply chain vulnerabilities and secrets exposure. Ensure data security and the right governance ,access controls, compliance across the data platform Oversite of the Incident Response plan for WF1 as well as hosting of regular table top simulations for the executive leadership team Reporting of key security metrics to both the CISO and executive leadership team Governance, Risk & Compliance Maintain a risk register and provide actionable reporting to business leaders and the CISO. Ensure compliance with FIA regulations, GDPR, ISO 27001, NIS2, as well as Enterprise security standards. Define and track security KPIs/KRIs that measure technical posture and business impact. Support internal and external audits, ensuring continuous readiness. Requirements: 7 years in cybersecurity leadership, with proven ability to bridge technical depth and business engagement. Strong hands-on experience with: Hybrid Microsoft stack (Windows, Active Directory, Azure, O365). Linux administration and security. PAM solutions (CyberArk, BeyondTrust, or equivalent). SOC/SIEM operations and incident response. EDR/XDR and endpoint hardening Vulnerability management tooling Track record of engaging directly with senior business leaders to communicate risk and influence decisions Nice to have: Exposure to Cato Networks, Microsoft Azure, AWS, Wiz, Axonius, ServiceNow. Familiarity with DevSecOps, container security, and infrastructure as code. Experience in formula 1, aerospace, defense, or other high-IP, high-performance industries. Relevant certifications such as CISSP, CISM, CCSP, or CRISC. It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company’s needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs. Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future. Benefits & Perks: Hybrid-Work Schedule : We provide a hybrid working schedule with 3 days a week in the office Company-Paid Lunch Stipend : Lunch is provided via GrubHub Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability 401(k): Company will match 100% of your contributions up to 6% Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more. Time Off: 25 days of Paid Time Off plus 12 company holidays EQUAL OPPORTUNITY EMPLOYER NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.