Director of IT Security and Governance

The Director of IT Security and Governance is a leadership role responsible for strategically planning, overseeing, and managing the organization's IT security infrastructure, including networks, systems, cybersecurity, and related technologies. This position ensures the security of the company's IT assets while aligning with business objectives, regulatory requirements, and governance standards.

• IT Security Strategy and Planning:
• Develop and implement a comprehensive IT cyber security strategy and roadmap aligned with the company's long-term goals.
• Assess current and future technology needs, identify opportunities for improvement and cost optimization.
• Evaluate and recommend emerging technologies and solutions for potential adoption.
• Oversee the planning, design, and implementation of IT security projects.
• Establish and enforce IT security policies, standards, and best practices for network and system administration.

• Cybersecurity Governance:
• Establish and maintain a cybersecurity governance framework aligned with industry standards (e.g., NIST, ISO) and regulatory requirements.
• Define and oversee the implementation of cybersecurity policies, controls, and procedures across the organization.
• Ensure the integration of cybersecurity considerations into IT processes, change management, and risk assessments.
• Facilitate regular cybersecurity risk assessments, vulnerability testing, and security audits.
• Oversee the development and maintenance of cybersecurity incident response and business continuity plans.
• Collaborate with cross-functional teams to identify and mitigate potential risks and vulnerabilities.
• Facilitate communication and collaboration between IT and business stakeholders to ensure transparency and alignment.

• Degree in Computer Science, Information Technology, or a related field; advanced degree preferred
• Minimum of 8-10 years of progressive experience in IT infrastructure management, cybersecurity governance and leadership roles
• Understanding of cybersecurity governance frameworks (e.g., NIST CSF, ISO 27001), risk management, and compliance
• Strong knowledge of security operations, incident response, and business continuity planning
• Excellent communication, leadership, and decision-making skills
• Relevant certifications (e.g., CISSP, CISM, CRISC, CGEIT) are highly desirable.
• SharePoint knowledge a huge plus

• Must be able to be on-site 3-5 days a week.

Salary : $165,000 - $180,000