... executive accountability for outcomes. * Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... executive accountability for outcomes. * Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... and executive accountability for outcomes. Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... and executive accountability for outcomes. Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... executive accountability for outcomes. * Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... executive accountability for outcomes. * Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... executive accountability for outcomes. * Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
... executive accountability for outcomes. * Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST ...
Director, Application Security (Cybersecurity Defense)
Dublin, OH · On-site
$135.40 - $208.10/hr
Serve as an advisor to executive and business leadership on application security risks, priorities ... Establish secure coding standards and integrate security controls into CI/CD pipelines and ...
New
Director, Application Security (Cybersecurity Defense)
Dublin, OH · On-site
$135.40 - $208.10/hr
Serve as an advisor to executive and business leadership on application security risks, priorities ... Establish secure coding standards and integrate security controls into CI/CD pipelines and ...
New
Director, Application Security (Cybersecurity Defense)
Dublin, OH · On-site
$135.40 - $208.10/hr
Serve as an advisor to executive and business leadership on application security risks, priorities ... Establish secure coding standards and integrate security controls into CI/CD pipelines and ...
Director, Application Security (Cybersecurity Defense)
Dublin, OH · On-site
$135.40 - $208.10/hr
Serve as an advisor to executive and business leadership on application security risks, priorities ... Establish secure coding standards and integrate security controls into CI/CD pipelines and ...
Sr. Program Executive
Columbus, OH · On-site
... Security, Quality, Supply Chain, Manufacturing, and Warehouse Operations, with investments up to ... building codes. * Demonstrated ability to lead complex projects from planning through ...
Sr. Program Executive
Columbus, OH · On-site
... Security, Quality, Supply Chain, Manufacturing, and Warehouse Operations, with investments up to ... building codes. * Demonstrated ability to lead complex projects from planning through ...
... Security, Quality, Supply Chain, Manufacturing, and Warehouse Operations, with investments up to ... building codes. * Demonstrated ability to lead complex projects from planning through ...
... Security, Quality, Supply Chain, Manufacturing, and Warehouse Operations, with investments up to ... building codes. * Demonstrated ability to lead complex projects from planning through ...
... executive team. • Knowledge of current and emerging threats/threat vectors. • Knowledge of ... code, and connectivity. • Perform application updates to Security applications and devices. • ...
... executive team. • Knowledge of current and emerging threats/threat vectors. • Knowledge of ... code, and connectivity. • Perform application updates to Security applications and devices. • ...
Site Security Coordinator
Jeffersonville, OH · On-site
$75K - $85K/yr
Define, map, and enforce color-coded security zones to ensure layered defense-in-depth: * Grey Zone ... You will dynamically interact with all customer types, from executive teams to individual workers ...
Quick apply
Site Security Coordinator
Jeffersonville, OH · On-site
$75K - $85K/yr
Define, map, and enforce color-coded security zones to ensure layered defense-in-depth: * Grey Zone ... You will dynamically interact with all customer types, from executive teams to individual workers ...
You're as comfortable in front of a client room as you are in a Python notebook or low-code ... You bring executive presence to client interactions, can translate complex technical concepts for ...
You're as comfortable in front of a client room as you are in a Python notebook or low-code ... You bring executive presence to client interactions, can translate complex technical concepts for ...
You're as comfortable in front of a client room as you are in a Python notebook or low-code ... You bring executive presence to client interactions, can translate complex technical concepts for ...
You're as comfortable in front of a client room as you are in a Python notebook or low-code ... You bring executive presence to client interactions, can translate complex technical concepts for ...
Track key milestones and deliverables, and prepare executive presentations for senior leadership ... or related coding formats. • Familiarity with agile methodologies of software development.
Track key milestones and deliverables, and prepare executive presentations for senior leadership ... or related coding formats. • Familiarity with agile methodologies of software development.
Track key milestones and deliverables, and prepare executive presentations for senior leadership ... or related coding formats. • Familiarity with agile methodologies of software development.
Track key milestones and deliverables, and prepare executive presentations for senior leadership ... or related coding formats. • Familiarity with agile methodologies of software development.
Senior Security Engineer - Web App.
Columbus, OH · On-site
$139K - $164K/yr
Automation & DevSecOps • Security as Code: Develop automation scripts using Python and REST APIs ... Additional Skills (none specified) AllSTEM Representative Contact Info Account Executive: Nichols ...
Senior Security Engineer - Web App.
Columbus, OH · On-site
$139K - $164K/yr
Automation & DevSecOps • Security as Code: Develop automation scripts using Python and REST APIs ... Additional Skills (none specified) AllSTEM Representative Contact Info Account Executive: Nichols ...
AI - Cybersecurity Forward Deployed Engineer - FDE Senior Manager
Hartford, OH · On-site
$103K - $141K/yr
Deliver hands-on security engineering using agentic coding tools as the primary build environment ... Executive workshop facilitation and C-suite / CISO-level communication * Structured analytical ...
AI - Cybersecurity Forward Deployed Engineer - FDE Senior Manager
Hartford, OH · On-site
$103K - $141K/yr
Deliver hands-on security engineering using agentic coding tools as the primary build environment ... Executive workshop facilitation and C-suite / CISO-level communication * Structured analytical ...
AI - Cybersecurity Forward Deployed Engineer - FDE Senior Manager
Columbus, OH · On-site
$110K - $151K/yr
Deliver hands-on security engineering using agentic coding tools as the primary build environment ... Executive workshop facilitation and C-suite / CISO-level communication * Structured analytical ...
AI - Cybersecurity Forward Deployed Engineer - FDE Senior Manager
Columbus, OH · On-site
$110K - $151K/yr
Deliver hands-on security engineering using agentic coding tools as the primary build environment ... Executive workshop facilitation and C-suite / CISO-level communication * Structured analytical ...
Senior Agentic Identity Security Manager
Columbus, OH · On-site
$107K - $146K/yr
... by coding a threat intrusion module or sharing your latest ideas with the team. Day-to-day, you're ... Developing deep working relationships with Senior Executives and Senior Managers across the client ...
Senior Agentic Identity Security Manager
Columbus, OH · On-site
$107K - $146K/yr
... by coding a threat intrusion module or sharing your latest ideas with the team. Day-to-day, you're ... Developing deep working relationships with Senior Executives and Senior Managers across the client ...
Cybersecurity Network Cloud Engineer
Columbus, OH · On-site
$145K - $240K/yr
... security domains and business functions. You will partner closely with executive leadership ... Promote the adoption of Policy-as-Code, Process-as-Code, and other scalable approaches that improve ...
Cybersecurity Network Cloud Engineer
Columbus, OH · On-site
$145K - $240K/yr
... security domains and business functions. You will partner closely with executive leadership ... Promote the adoption of Policy-as-Code, Process-as-Code, and other scalable approaches that improve ...
Track key milestones and deliverables, and prepare executive presentations for senior leadership ... Basic knowledge of SQL, SQL scripting, or related coding formats. * Familiarity with agile ...
Track key milestones and deliverables, and prepare executive presentations for senior leadership ... Basic knowledge of SQL, SQL scripting, or related coding formats. * Familiarity with agile ...
Executive Security Coding information
See salary details
$26.5K - $40.8K
11% of jobs
$40.8K - $55.1K
12% of jobs
$56.8K is the 25th percentile. Wages below this are outliers.
$55.1K - $69.5K
22% of jobs
The median wage is $77.4K / yr.
$69.5K - $83.8K
10% of jobs
$83.8K - $98.1K
9% of jobs
$98.1K - $112.4K
11% of jobs
$114.6K is the 75th percentile. Wages above this are outliers.
$112.4K - $126.7K
11% of jobs
$126.7K - $141K
4% of jobs
$141K - $155.4K
11% of jobs
$155.4K - $169.7K
0% of jobs
$169.7K - $184K
1% of jobs
$26.5K
$93.6K
$184K
How much do executive security coding jobs pay per year?

Job description
About PHOENIX PHOENIX Retail, LLC is a retail platform operating the Express and Bonobos brands worldwide. About ExpressExpress is a multichannel apparel brand dedicated to a design philosophy rooted in modern, confident and effortless style whether dressing for work, everyday or special occasions. Since its launch in 1980, the brand has embraced a design philosophy rooted in modern, confident and effortless style. Express ensures you look and feel your best, wherever life takes you. The Company operates over 400 retail and outlet stores in the United States and Puerto Rico, the express.com online store and the Express mobile app. About BonobosOur Bonobos menswear brand is known for being a style instigator and offering perfect-fit risks through our innovative retail model and personalized experience. Launched online in 2007 with its signature line of chinos, Bonobos now offers a variety of styles available to order online and to try on at any one of our 50 Guideshop locations and at www.bonobos.com. Our Guideshops are in-real-life stores that deliver one-on-one service and expert fit advice. Don't think traditional retail, Bonobos is something you haven't seen before.
ResponsibilitiesPOSITION OVERVIEW
The Director, Information Security & Governance serves as Phoenix Retail's senior information security leader with enterprise-wide accountability for the strategy, execution, and ongoing maturity of the company's information security, data protection, privacy controls, and AI security governance program. The role protects Phoenix Retail's omnichannel environment, including corporate systems, e-commerce platforms, store technology, customer and payment data, AI-enabled capabilities, and supporting infrastructure. The Director provides strategic leadership for the Information Security team, fostering a high-performance culture through mentorship and talent development to ensure the sustained operational excellence of the team and the organization.
Operating with the scope and presence of a Chief Information Security Officer, the Director leads enterprise security strategy, governance, policy, architecture, operations, incident response, AI security controls, and security risk management. The role advises executive leadership and the Board on security posture, emerging threats, regulatory obligations, business risk, and investments required to protect the company. This leader partners closely with Technology, Development, Legal, Procurement, Internal Audit, Compliance, Finance, and business stakeholders to embed security across enterprise technology and vendor ecosystems. The Director is a key stakeholder in Third-Party Risk Management and owns Phoenix's PCI-DSS program with full accountability for readiness and outcomes. This is a strategic leadership role requiring strong hands-on technical credibility. The Director must also be able to engage directly with technical matters, including SIEM activity, detection validation, threat hunting, incident investigations, and AI control monitoring when needed.KEY RESPONSIBILITIESServe as enterprise owner for Phoenix Retail's information security strategy, roadmap, governance model, security policy framework, and AI security governance, aligned to business priorities and retail operating needs.
Lead and mature a security program built against the NIST Cybersecurity Framework, including measurable controls, maturity targets, risk-based prioritization, and reporting to executive leadership and the Board.
Design, implement, and monitor controls for AI technologies and use cases, including acceptable-use standards, administrative approvals, data handling requirements, identity and access guardrails, logging, vendor risk inputs, usage monitoring, and spend/consumption oversight.
Own PCI-DSS across corporate, e-commerce, and store/cardholder data environments, including scoping, segmentation, control design, assessor coordination, remediation, evidence, and executive accountability for outcomes.
Lead application security across Phoenix Retail's digital commerce and enterprise application portfolio, embedding secure design, code review/SAST/DAST, testing, and risk acceptance into the SDLC.
Lead network, cloud, endpoint, identity, collaboration, and infrastructure security architecture and operations, ensuring appropriate controls across corporate, e-commerce, store, GCP, Google Workspace, and other key environments.
Own security operations, 24x7 monitoring, detection engineering, escalation, and incident response; maintain enough hands-on fluency with the SIEM to validate detections, review alerts, and support active investigations when required.
Direct threat and vulnerability management, including scanning, prioritization, remediation governance, patch SLAs, penetration testing, attack surface management, and executive risk reporting.
Partner with Legal and Procurement as a key security stakeholder in Third Party Risk Management, including vendor due diligence, contract security requirements, AI and SaaS provider reviews, control assessments, ongoing monitoring, and remediation tracking.
Review and approve security designs for new technology initiatives, AI-enabled capabilities, cloud services, store technology, payment systems, and major vendor platforms before production deployment.
Lead enterprise incident response planning, crisis coordination, tabletop exercises, post-incident reviews, and communications with executive, legal, operational, and technical stakeholders.
Partner with Internal Audit on control testing, evidence, and remediation while maintaining appropriate independence and avoiding self-audit.
Recruit, lead, coach, and develop a high-performing security team; establish clear ownership, operating rhythms, performance expectations, and career paths.
Own the security budget, tooling roadmap, vendor portfolio, managed service relationships, SLAs, renewals, and investment recommendations, including cost governance for emerging security and AI-related capabilities.
Communicate security risk clearly from analyst to Board level, translating technical issues into business impact, risk decisions, and actionable priorities.
Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or equivalent work experience.
10+ years of progressive experience in information security, cybersecurity, technology risk, or a closely related area, including significant enterprise security leadership responsibility.
Demonstrated ability to operate as the senior security leader for a complex enterprise; retail, omnichannel, e-commerce, payment, or large distributed operating environment experience preferred.
Demonstrated proficiency with the NIST Cybersecurity Framework (CSF), including program design, maturity assessment, control mapping, remediation planning, and executive reporting.
Direct, accountable experience owning PCI-DSS in a merchant, e-commerce, payment, or retail environment.
Deep technical expertise across application security, network security, cloud and infrastructure security, endpoint security, identity and access management, vulnerability management, AI security governance, and security operations.
Ability to serve as the enterprise authority on securing AI-enabled tools, platforms, and workflows, with practical command of policy, administration, data protection, technical guardrails, monitoring, vendor governance, and cost-aware usage controls.
Familiarity with Google Cloud Platform (GCP) and Google Workspace environments, including administrative models, IAM, logging, data protection, and security configuration considerations.
Hands-on working proficiency with a major SIEM/SOC platform; Palo Alto XSIAM experience strongly preferred.
Proven incident response leadership, including high-severity security events, executive communications, tabletop exercises, post-incident reviews, and continuous improvement.
Experience leading and developing security teams, managed service providers, and cross-functional programs across Technology, Legal, Procurement, Internal Audit, and business stakeholders.
Experience presenting cybersecurity posture, risk, and investment recommendations to executive leadership, Audit Committee, or Board-level audiences.
CISSP or equivalent senior security credential required; CISM, CISA, CCSP, GIAC, or similar credentials are also valued.
CISO-level judgment and executive presence while operating effectively within a Director-level role.
Technically credible and current; able to challenge architecture, read SIEM detections, question control gaps, evaluate AI security risks, and contribute to investigations without displacing the team.
Strong AI security judgment; enables business use while enforcing administrative, technical, data, monitoring, and financial guardrails that are practical for a retail operating environment.
Strategic and pragmatic; balances risk reduction, customer trust, business speed, cost, and operational resilience.
Calm and decisive under pressure, especially during active incidents, peak retail periods, major releases, and audit/compliance cycles.
Strong communicator who can translate technical risk into business decisions for executives, Board members, auditors, attorneys, merchants, and engineers.
High ownership mindset; accountable for outcomes, not just recommendations.
Strong discretion, integrity, and judgment when handling sensitive security, legal, personnel, and incident information.
If you would like to know more about the California Consumer Privacy Act click here.
Applicants must be currently authorized to work full-time in the United States. PHOENIX does not sponsor applicants for work visas (e.g., H-1B or TN status) for this position.
An equal opportunity employer, PHOENIX does not discriminate in recruiting, hiring or any other terms and conditions of employment hiring on the basis of any federal, state, or locally protected characteristic. PHOENIX only hires individuals authorized for employment in the United States. PHOENIX is committed to providing reasonable accommodation to individuals with disabilities. If you need an accommodation to search and apply for a job position due to a disability, please call 1-800-964-9793 and say 'Associate Relations' or send an e-mail to AssociateRelations@Express.com and let us know the nature of your request and your contact information.
Notification to Agencies: Please note that PHOENIX does not accept unsolicited resumes or calls from third-party recruiters or employment agencies. In the absence of a signed Master Service Agreement and approval from HR to submit resumes for a specific requisition, PHOENIX will not consider or approve payment to any third-parties for hires made.
Employment Type: OTHER