The Director of IT and Information Security is a strategic and operational leader responsible for the organization's technology vision, infrastructure, and cybersecurity. This role demands a blend of technical expertise, leadership acumen, and strategic foresight to drive innovation, ensure security, and support business growth. The Director will lead a team of IT and Cybersecurity professionals, fostering a culture of excellence, collaboration, and continuous improvement.

We're looking for this person to be onsite in the Boulder Headquarters a few days a week in a Hybrid work scenario. This role is NOT a Remote position and candidate must be in the Denver/Boulder area.

Responsibilities:

• Strategic Planning and Leadership
• Develop and implement a comprehensive IT strategy aligned with organizational goals and future growth.
• Oversee the execution of technology projects and cybersecurity initiatives.
• Manage the IT budget and vendor relationships.
• Provide thought leadership and guidance to senior management on IT matters.
• Stay abreast of emerging IT trends and technologies.
• Operational Management
• Lead and mentor the IT and Cybersecurity team.
• Oversee the design, implementation, and maintenance of IT infrastructure and security systems.
• Manage security incidents and conduct periodic audits.
• Develop and enforce IT policies and procedures.
• Cybersecurity and Risk Management
• Create and maintain a robust cybersecurity strategy.
• Proactively identify and mitigate security threats and vulnerabilities.
• Implement security measures for existing and new technologies, including legacy systems and cloud architectures.
• Deep understanding of relevant cybersecurity laws, regulations (GDPR, CCPA), and industry standards (ISO, NIST) to ensure the merged entity remains compliant.
• Conduct due diligence on vendors and ensure their security practices align with organizational standards.
• Oversee M&A due diligence and integration, focusing on security risks and system integrations.
• Experience leading and advocating for improvements in our security posture, being the voice that presents to and engages with senior leaders on critical initiatives, and prioritizing a culture of security practices from the top down
• Collaboration and Communication
• Partner with stakeholders across the organization to understand their technology needs.
• Foster a culture of security awareness and compliance.
• Communicate effectively with technical and non-technical audiences.

First 3 Months (0-3):

• Immersion and Assessment: Gain a deep understanding of the organization's mission, culture, strategic goals, and existing IT landscape.
• Relationship Building: Establish strong relationships with key stakeholders across the organization.
• Strategic Planning: Refine the IT strategy and roadmap in collaboration with leadership, identifying quick wins and prioritizing initiatives.
• Team Assessment and Development: Evaluate current team capabilities and identify areas for improvement. Begin implementing professional development plans.

Months (3-6):

• Execution and Implementation: Initiate key projects and security enhancements identified in the initial roadmap.
• Process Improvement: Implement improvements to IT processes and workflows to increase efficiency and effectiveness.
• Security Enhancement: Begin implementing key security initiatives, such as vulnerability management, incident response planning, and security awareness training.
• Collaboration and Communication: Foster a culture of open communication and collaboration within the IT team and across the organization, ensuring alignment on security priorities.

Months (6-12):

• Measurement and Optimization: Establish key performance indicators (KPIs) to measure the effectiveness of IT initiatives and security controls. Continuously monitor and optimize systems and processes.
• Innovation and Adaptation: Proactively explore and implement emerging technologies and industry trends to enhance security and support evolving business needs.
• Thought Leadership: Contribute to strategic discussions and provide guidance on IT and security matters, establishing the IT team as a trusted advisor to the business.
• Maturity and Continuous Improvement:  Focus on maturing security and IT processes, fostering a culture of continuous improvement and learning.

Key Attributes:

• Strategic Thinking:
• Ability to develop long-term strategies for IT and cybersecurity that align with organizational goals.
• Skill in anticipating future security threats and planning accordingly.
• Willingness to adapt to new technologies and changing threat landscapes.
• Ability to pivot strategies and approaches as the organization’s needs and external conditions evolve.
• Openness to exploring and adopting new technologies and practices to enhance security.
• Initiative in staying ahead of emerging threats and implementing innovative solutions.
• Communication Skills:
• Excellent verbal and written communication skills to clearly convey technical information to non-technical stakeholders.
• Ability to present security issues and solutions to senior management and board members.
• Problem-Solving Abilities:
• Aptitude for quickly identifying problems, thinking critically, and implementing effective solutions.
• Experience in handling complex security incidents and crises with composure.
• Project Management:
• Proficiency in managing projects, including planning, execution, and monitoring of IT and security initiatives.
• Ability to manage budgets, timelines, and resources effectively.
• Skills in negotiating with vendors and managing third-party relationships to ensure compliance with security standards.
• Ability to evaluate and select appropriate technologies and services.
• Knowledge of Regulations and Compliance:
• Understanding of relevant legal and regulatory requirements related to cybersecurity and data protection.
• Ability to ensure the organization’s compliance with these requirements.

Qualifications:

• Bachelor's degree in computer science, information systems, or a related field.
• 10+ years of experience in IT management, with at least 5 years in a leadership role.
• Strong technical skills in networking, security, and cloud computing.
• Experience implementing and maintaining SOC2, SOX, and ITGC compliant systems.
• Proven ability to create and execute an information security and privacy vision.
• Excellent communication, interpersonal, leadership, and management skills.
• Strategic thinking, problem-solving abilities, and project management skills.
• Knowledge of relevant cybersecurity regulations and compliance requirements.
• Passion for technology and a commitment to continuous learning.

We are unable to sponsor or transfer a VISA for this position

Boulder, Colorado Jobs: Employees can expect to be paid a salary between $140,000 to $170,000. Other benefits include health care, vision, dental, retirement, Flexible Time Away, sick leave, and many more. The salary range displayed is specifically for those potential hires who will work or reside in the state of Colorado if selected for this role, and may vary based on market data/ranges, an applicant’s skills and prior relevant experience, certain degrees and certifications, and other relevant factors

Related jobs

Senior Director, Information Security Rockstar Games Manhattan, New York, United States

Senior Director of Product Security Ro New York, NY or Remote

Director, Global Security Operations (GSO) Peloton

Director of Security Engineering and SRE AlayaCare Montréal, Quebec, Canada