Director Information Security Operations - Remote, US

Paylocity is an equal opportunity employer.

Paylocity is an award-winning provider of cloud-based HR and payroll software solutions, offering the most complete platform for the modern workforce. The company has become one of the fastest-growing HCM software providers worldwide by offering an intuitive, easy-to-use product suite that helps businesses automate and streamline HR and payroll processes, attract and retain talent, and build a strong workplace culture.

We give our employees what they need to succeed, including great benefits and perks! We offer medical, dental, vision, life, disability, and a 401(k) match, as well as perks that support you, your family, and your finances. And if it’s career development you desire, we provide that, too! At Paylocity, people matter most and have always been at the heart of our business.

Position Overview

The Director of Information Security Operations will be a key member of the Information Security Leadership team, reporting directly to the Deputy CISO. This leadership role is crucial for driving and ensuring the success of both ongoing and future security initiatives aimed at safeguarding Paylocity and its extensive customer base. The Director will oversee two critical teams: Threat Management and Identity Access Management operations. They will collaborate closely with other Directors within the Information Security department and partner with various leaders across the organization to deliver a robust security operations program.

Performance Objectives

• Identity Access Management (IAM) operations, including but not limited to User Access Review, Identity lifecycle management, privileged access management, and secrets management.
• Manage Threat Management operations, encompassing but not limited to security monitoring, incident response, and threat intelligence.
• Mentor, partner, and guide Information Security Managers that span across the two teams and lead the information security operations functions.
• Work closely with other information security leaders and the Deputy CISO to influence overall InfoSec strategy.
• Manage expectations of our customers, leadership across other departments, and executive stakeholders.
• Manage expense and capital budgets for security investments within Security Operations.
• Develop and maintain strategic/tactical security metrics such as KRIs and KPIs.
• Build and present credible business cases for strategic security initiatives such as roadmaps, resource planning, and vendor investments.
• Oversee RFPs and evaluations of products and services and negotiate purchases.
• Work with Deputy CISO to manage information governance activities.
• Actively participate and present in various information security related committees.
• Meet with clients to better inform them of Paylocity’s security program and capabilities.
• Represent the company in relevant discussions with auditors and regulators.
• Manage security vendor/supplier relationships.
• Work with HR and Deputy CISO to set standards for consistent performance and service delivery across their security teams.
• Help ensure that Information Security is fully engaged and aligned with other organizational stakeholders especially product and technology teams.
• Ensure that security best practices are adhered to during the review of architecture and design, with a particular focus on the mergers and acquisitions process.
• Stay current with emerging security threats and technologies and recommend appropriate measures to mitigate risks.
• Foster a culture of continuous improvement by regularly reviewing and updating security policies, procedures, and controls.
• Coordinate with legal and IT compliance teams to ensure that security practices align with investigation needs, regulatory requirements, and industry standards.
• Provide expert guidance and support during security incidents, including forensic analysis and post-incident reviews.
• Travel to Paylocity’s campus will be required occasionally.

Education and Experience

• 12+ years in information security.
• 8+ years in information security or equivalent leadership role.
• Bachelor’s degree in computer science, Information Security, or a related field; a Master’s degree or relevant certifications (e.g., CISSP, CISM) is preferred.
• Extensive knowledge of identity access management operations, including identity lifecycle, IAM compliance, privileged access management, and various threat management operations such as SOC, Incident Response, and Threat Intelligence.
• Knowledge of security standards/frameworks, i.e. ISO 27001, NIST CSF, etc.
• Knowledge of applicable laws and regulations, e.g., HIPAA, PCI-DSS, SOC1, SOC2, SOX, GLBA, etc.
• Program and project management skills.

Paylocity is committed to the full inclusion of all individuals. We recruit, train, compensate, and promote regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law. At Paylocity, we believe diversity makes us better.

We comply with federal and state disability laws and make reasonable accommodations for applicants and employees with disabilities. To request reasonable accommodation in the job application or interview process, please contact LeaveBenefits@paylocity.com.

This role can be performed from any office in the US. The pay range for this position is: $165,000-$230,000/yr, however, base pay offered may vary depending on job-related knowledge, skills, and experience. This position is eligible for an annual bonus and restricted stock unit grant based on individual performance in addition to a full range of benefits outlined here.