Infinity Constellation Logo

Infinity Constellation

Director, Security - Cosmos

Posted 10 Days Ago
Remote
Hiring Remotely in USA
Senior level
Remote
Hiring Remotely in USA
Senior level
The Director, Security will create and lead Cosmos's security strategy, overseeing compliance, risk management, and incident response processes.
The summary above was generated by AI
Director, Security at Cosmos

About Cosmos

Cosmos is a new Infinity Constellation venture poised to redefine managed IT services for mid-market companies. By fusing human expertise with advanced AI automation, we deliver faster, smarter, outcome-based IT support that frees customers to focus on their core business. If you join as the CEO you will be helping us to start this company from day 1, you will be joining as the first member of the team with capital and support to grow a team and a business with us.

Role Overview

Infinity is seeking a Director, Security to design and oversee the security strategy for Cosmos. This leader will establish Cosmos foundational security program, implement scalable processes and controls, and ensure our companies consistently meet and exceed client security and compliance expectations.

The role requires both strategic vision and hands-on execution. You’ll be responsible for building the frameworks that unify Cosmos security posture, while also diving deep into individual portfolio companies to stand up policies, remediate gaps, and directly support client/vendor diligence reviews. Over time, this function may evolve into a dedicated security services offering within Infinity’s shared services ecosystem.

Key Responsibilities
  • Security Program Leadership

    • Build Infinity’s portfolio-wide security policies, standards, and controls.

    • Own certification/compliance programs (SOC 2, ISO 27001, HIPAA GDPR/CCPA alignment, etc.).

    • Maintain a central library of security documentation to support sales and client diligence.

  • Governance, Risk & Compliance

    • Develop and oversee vendor/third-party risk management.

    • Implement data classification, retention, and destruction policies.

    • Ensure consistent incident response, access review, and audit cadences across companies.

  • Hands-On Company Engagement

    • Partner with engineering and leadership teams at portfolio companies to establish secure practices from day one.

    • Lead security diligence with client and vendor teams, ensuring successful outcomes.

    • Standardize secure development lifecycles, access management, and cloud security baselines.

  • Incident Response & Continuity

    • Implement an incident response framework with clear escalation paths.

    • Run tabletop exercises, penetration testing, and remediation tracking.

    • Build continuity/disaster recovery standards that scale across companies.

  • Enablement & Culture

    • Lead company-wide security training and awareness programs.

    • Build a “secure by default” culture that supports, not slows, innovation.

    • Serve as the trusted advisor to leadership on risk, compliance, and client security expectations.

Qualifications
  • 7+ years in security leadership roles, ideally spanning both startup and enterprise contexts.

  • Track record of building and running SOC 2, HIPAA, ISO 27001, or equivalent programs.

  • Experience in client facing roles interfacing directly with stakeholders and client security teams as a part of the sales process

  • Strong technical understanding of cloud security (AWS/GCP), encryption, identity and access management, and secure SDLC practices.

  • Experience successfully navigating client/vendor security diligence processes.

  • Ability to operate both strategically (designing systems for scale) and tactically (closing gaps in fast-moving environments).

What Success Looks LikeFirst 3 Months
  • High priority portfolio companies have established security programs

  • High priority portfolio companies have established security documentation for use by client sales teams

First 12 Months
  • A portfolio-wide security program is established and documented.

  • Core certifications (SOC 2 Type I/II or equivalent) underway or complete.

  • Centralized security documentation package (“deal room”) created and in use.

  • Client/vendor diligence reviews consistently passed with no material gaps.

  • Security becomes a competitive advantage across the Infinity portfolio.

Top Skills

Aws,Gcp,Soc 2,Iso 27001,Hipaa,Gdpr,Ccpa

Similar Jobs

41 Minutes Ago
In-Office or Remote
Chicago, IL, USA
20-25
Mid level
20-25
Mid level
Fintech
The File Operations Specialist manages inbound/outbound file implementations, SFTP setups, issue resolution, and collaborates with client file teams and vendors.
Top Skills: ExcelMicrosoft OutlookSftp
41 Minutes Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
100K-152K Annually
Senior level
100K-152K Annually
Senior level
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
The Program Manager is responsible for integrating partner value into the global Sales organization, designing sales enablement programs, and maximizing partnership efficiencies.
Top Skills: AccordConfluenceJIRASalesforceZendesk
42 Minutes Ago
Easy Apply
Remote
United States
Easy Apply
134K-205K Annually
Senior level
134K-205K Annually
Senior level
Artificial Intelligence • Fintech • Hardware • Information Technology • Sales • Software • Transportation
The Product Marketing Lead will develop GTM plans, define messaging, analyze market trends, and drive product launches for Spend Management solutions.
Top Skills: Data AnalysisMarket ResearchSales Enablement

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account