Sunrise Senior Living

Cyber Security Risk Management Director

Location Name: Community Support Office
Type: Full-Time
Location Address: 7902 Westpark Dr
Location City: McLean
Location State/Province (Full Name): Virginia
Salary Range: USD $97,600.00 - USD $150,200.00 /Yr.
Variable Compensation: No Variable Comp

 

When you join Sunrise Senior Living, you will be able to use your unique skills to empower residents to live longer, healthier, and happier lives. Not only will you build meaningful relationships with residents, their families, and team members alike, you will also gain joy in serving others and deep fulfillment in your work. Explore how you can follow your passions and shed light on meaningful ways to serve, grow, and shine together.


Sunrise Senior Living was again certified as a Great Place to Work® by Activated Insights. This is the 7th time Sunrise has received this top culture and workplace designation, highlighting the special place Sunrise is to be a part of.

COMMUNITY NAME

Community Support Office

Job ID

2025-224734

JOB OVERVIEW

The Cyber Security Risk Management Director is responsible for identifying, assessing and mitigating cyber security risks across the organization. This role develops and implements risk management frameworks, ensures compliance with regulatory & industry standards and collaborates with executive leadership to align cyber security risk strategies with business objectives. They will also play a lead role on cross-functional teams to proactively identify vulnerabilities, implement risk mitigation strategies and enhance the organization’s overall cyber security resilience.

RESPONSIBILITIES & QUALIFICATIONS

 
Responsibilities:
As a part of the Sunrise team, supporting our Mission, Principles of Service and Core Values is a fundamental part of this job. Our foundational belief is the sacred value of human life. The unique responsibilities for this role include but are not limited to the essential functions listed as follows:
• Design and oversee the implementation of secure network, application, and cloud architectures that mitigate cyber risks while balancing business objectives, operational efficiency and regulatory requirements
• Conduct regular vulnerability scans using industry-leading tools to detect security gaps and correlate vulnerability data with threat intelligence sources to assess real-world exploitability & risk levels
• Provide regular risk reports to leadership, summarizing vulnerability trends, remediation progress, key risks and potential business impacts
• Design and implement real-time monitoring and automated alerting solutions to detect security threats, including anomaly detection and behavior analytics
• Develop and oversee a comprehensive Incident Response Plan (IRP) aligned with industry standards (e.g., NIST, ISO 27035, MITRE ATT&CK)
• Lead incident response efforts, coordinating across security, IT and business units to contain and mitigate security breaches
• Oversee forensic analysis and root cause investigations to determine attack vectors and prevent recurrence
• Maintain detailed records of security events, responses and lessons learned to refine detection and response strategies
• Partner with IT, legal and compliance teams to establish clear communication protocols for notifying stakeholders, executive leadership and regulatory bodies as needed during security incidents
• Develop, implement, and maintain policies and procedures to ensure compliance with relevant cyber security regulations (e.g., HIPAA, PCI-DSS, SOC 2)
• Create and maintain comprehensive cyber security documentation, including policies, standards, procedures and guidelines that support organizational compliance
• Oversee preparation for internal and external security audits, ensuring all necessary documentation, including vulnerability scans, remediation actions and risk acceptance decisions, is available and accurate
• Design and deliver role-based cyber security awareness training to enable employees to recognize and report threats
• Build and maintain key relationships with industry peers, vendors and security communities to stay up to date with evolving regulatory changes, industry standards and evolving threats
• Maintain compliance in assigned required training and all training required by state/province or other regulating authorities as applicable to this role to ensure that Sunrise standards are always met
• Perform other duties as assigned
 
Core Competencies: 
• Strong proficiency in cyber security technologies and frameworks, with the capability to lead by example, provide mentorship and foster a collaborative environment across technical teams
• Ability to independently assess complex security challenges, analyze risk factors and develop actionable, forward-thinking strategies that align with organizational objectives
• Proven ability to address and resolve high-pressure security incidents, demonstrating resilience and quick decision-making while managing risk
• Proven ability to clearly articulate technical concepts to both technical and non-technical stakeholders, fostering effective collaboration to drive cyber security initiatives across the organization
• Expertise in developing, reviewing, and maintaining comprehensive cyber security policies, procedures, and playbooks
• In-depth knowledge of maintaining regulatory compliance within cyber security practices, including frameworks such as HIPAA, HITRUST, and PCI-DSS
 

 

Qualifications:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed throughout this job description are representative of the knowledge, skills, and abilities required.
• Bachelor’s degree in Computer Science, Computer Engineering, Cyber Security or equivalent experiential learning, e.g., each year of work experience may be substituted for each year of education required
• Advanced degrees or hands-on, practical certifications (e.g., OSCP, CCIE) are a plus
• Must have expert level of experience in TCP/IP, Linux, Windows, MS Azure, MS Defender for all the things, MS Purview, GRC, TPRM; additional experience in Abnormal, Cribl, Halcyon, Expel, Horizon3, Fortigate, Meraki, Varonis, Snyk, scripting and automation is a plus
• Minimum of ten years of combined experience in cyber security and information technology, with a strong focus on cloud security, incident response and security architecture and a proven track record of leading risk management initiatives in complex environments
• Experience in developing and executing comprehensive cyber security programs, policies, and frameworks, focusing on risk reduction and compliance
• Proven experience in identifying, assessing and mitigating cyber security risks, including risks associated with third-party vendors, cloud providers and other external partners, particularly in relation to confidential data, critical infrastructure and compliance
• Hands-on experience managing and responding to cyber security incidents (e.g., data breaches, ransomware attacks), including coordinating with legal, IT and executive teams

ABOUT SUNRISE

Ready to take the next step and make a bigger impact than you ever imagined? As part of our team, you will help brighten the future for everyone at Sunrise and beyond. That is why we make it a priority to celebrate the unique ways you bring moments of togetherness and joy to everyone you serve. And when combined with the support, benefits, and growth opportunities we offer, the result is a career that PositivelyShines with everything you need to reach your goals – at work and in your life.

 

We also offer benefits and other compensation that include:

  • Medical, Dental, Vision, Life, and Disability Plans
  • Retirement Savings Plans
  • Employee Assistance Program / Discount Program
  • Paid time off (PTO), sick time, and holiday pay
  • Daily Pay offered to get paid within hours of a shift (offered in the U.S. only)
  • Tuition Reimbursement
  • In addition to base compensation, Sunrise may offer discretionary and/or non-discretionary bonuses. The eligibility to receive such a bonus will depend on the employee’s position, plan/program offered by Sunrise at the time, and required performance pursuant to the plan/program.
  • Some benefits have eligibility requirements

Apply today to learn why Sunrise Senior Living is a certified Great Place to Work®

PRE-EMPLOYMENT REQUIREMENTS

Sunrise considers the health and safety of its residents, family members, and team members to be one of its highest priorities. Employment with Sunrise is conditioned on completing and passing a drug test (which does not include marijuana) and participating in testing requirements (e.g., Tuberculosis Test, Physical Evaluation). COVID-19 and Influenza vaccination is only required to the extent mandated by applicable federal, state, and local laws and authorities.

COMPENSATION DISCLAIMER

Selected candidates will be offered competitive compensation based on geographic location of community/office, skills, experience, qualifications, and certifications/licenses (where applicable).
