Job Description
Job Description
Full time / direct hire hybrid (onsite 2 days per week)
About the Department
The IT department is responsible for managing technology services vital to the operations of the organization including :
Network Infrastructure, Hardware and Software Management, Support / Monitoring of Systems and Software Applications, Cybersecurity / Compliance, Data Management, User Support and Training, and System Integration / Digital Solutions.
About the Position
The Head of IT Infrastructure & Security is a key leadership role in enabling and maintaining a stable, scalable, and secure infrastructure ecosystem while ensuring that our business and customer data is protected and available.
This position will also be responsible for the administration, implementation, and oversight of the IT Information Security and Data Protection strategies for the organization to align with relevant laws, regulations, and industry standards.
Job Responsibilities (primary and secondary duties) :
- Lead the company’s IT Infrastructure, Operations, and Security teams, focusing on developing and delivering reliable services and strategies to support the company’s business objectives.
- Accountable for the management and hands-on support for the implementation and maintenance of core IT systems, both on-premises and in 3rd party hosting locations / clouds.
Services include but are not limited to compute, storage, endpoints as well as related data access and transformation platforms.
- Manage and improve the Cybersecurity program and related technologies, policies, and procedures.
- Maintain and enhance existing cyber tools including anti-malware, MDR / EDR, Web Security, SIEM, IPS / IDS, Firewalls, and Threat Intelligence.
- Identify technical, performance and reliability gaps by ensuring the active monitoring of system performance, system logs, software / OS versions, equipment service dates, vendor service level agreements, etc.
and proactively recommend projects and tactics to remediate identified issues.
- Establish and maintain IT infrastructure strategy including standards, policies, and procedures.
- Establish goals and associated service / operational metrics within their department ensuring they are collected, reviewed, and reported on a regular basis.
- Work with operational teams to ensure that strategies for Infrastructure and Security align with the Organization and IT Department strategies.
- Ensure cost-effective design, development, integration, implementation, testing, and maintenance of new services, equipment, and systems in support of business objectives and requirements.
- Lead the development of up-to-date information security policies, procedures, standards and guidelines aligning with industry best practices.
- Develop, implement, maintain, and oversee cybersecurity program ensuring can identify and detect threats, and protect, respond, and recover from threats and incidents.
- Oversee cybersecurity compliance including security awareness and data privacy training programs.
- Manage IT cybersecurity and infrastructure projects supporting change management best practices and ensure they are appropriately resourced, delivered on time, in scope, and on budget.
- Manage relationships with vendors and service providers to ensure they cost- effectively meet the needs of the organization, have established service level agreements (SLAs), and deliver on support / performance expectations as an extension of the IT Team.
- Support a collaborative culture that values technical depth, accountability, and customer service.
Job Requirements : Experience :
Experience :
- 10+ years of progressive IT experience with at least 3 years in the cybersecurity area and 5+ years of management experience.
- Deep technology expertise in modern hosting, computing, storage, and data delivery platforms, required.
- Expertise in IT control frameworks and experience in defining and implementing IT controls, including SOX, access & security, and privacy, required.
- Experience integrating and optimizing solutions based on SaaS platforms, required.
- Experience with Microsoft-based Cloud products and services, required.
- Experience managing IT Department budgets and recruiting staff, required.
- Vendor governance and management, required.
- Working experience with AWS well architected framework, preferred.
- Strong technical expertise in IT architecture, data integration, and networking infrastructure, preferred.
- Experience with managed service providers, preferred.
- Experience with managing SaaS platforms such as Sitecore, Salesforce, WordPress, etc, a plus.
- Some experience with automation and RPA deployment and support a plus.
- Demonstrated understanding of technological trends and developments in the areas of information security, risk management, web architectures, and cloud computing.
- Experience with the development of risk reduction strategies through the implementation of technical and non-technical controls.
- Strong knowledge and experience with EDR, MDR, vulnerability management, and penetration testing.
- Hands-on experience with a variety of technologies from infrastructure, cloud, and cybersecurity platforms and services, preferred.
Must be able to dive deep with the team and guide the work to ensure proper delivery of needed outcomes.
Education & Certifications :
- Bachelor’s degree in Engineering, Computer Science, or related field and / or related experience.
- Professional security management certification such as CISSP, CISM, CISA, CompTIA Security +, or other similar credentials, preferred.
Skills and Attributes :
- Strong team building, organizational, and staff development skills.
- High degree of initiative and ability to make informed decisions based on industry best practices and standards.
- Ability to articulate IT issues and recommendations in non-technical terms.
- Excellent analytical, time management, prioritization, and problem-solving skills.
- Deep understanding of TCP / IP, DNS, DHCP, VPN, and firewalls required.
- Experience creating and maintaining system documentation.