Search Remote Jobs

Director of IT Security

Job not on LinkedIn

🔥 0 minutes ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Directive

Directive

11 - 50 employees

🔒 Cybersecurity

🛍️ eCommerce

Cybersecurity • IT • eCommerce

Directive is Oneonta NY's best web design and IT company, specializing in technology implementation and management for businesses. They offer a wide range of services including managed IT, outsourcing IT, cybersecurity, cloud hosting, web development, and IT services for nonprofit organizations. With a focus on proactive IT monitoring, cybersecurity training, and managed cloud hosting, Directive is dedicated to keeping systems up and running while maximizing productivity for small and medium organizations. Their services also include computer repair, web design, and compliance with laws like the NY SHIELD Act, providing comprehensive support for businesses' technology needs.

📋 Description

• Develop and execute the company's information security strategy and scalable security roadmap. • Establish and maintain enterprise security policies, standards and governance frameworks. • Present cybersecurity risks, recommendations and security metrics to executive leadership. • Partner with department leaders to ensure security is integrated into business operations and decision-making. • Stay ahead of emerging cybersecurity threats, AI risks and industry best practices. • Conduct ongoing enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications and business processes. • Build and maintain the organization's cybersecurity risk register and remediation roadmap. • Lead vulnerability management efforts and prioritize remediation based on business risk. • Perform third-party vendor security assessments and ongoing vendor risk management. • Continuously evaluate new technologies and recommend security improvements. • Own the organization's incident response program, including playbooks, tabletop exercises and post-incident reviews. • Oversee endpoint security, identity and access management, privileged access controls, MFA and device security. • Partner with the Senior IT Manager to implement technical security controls and monitor the health of the environment. • Coordinate with external security vendors and managed security providers when necessary. • Develop and oversee business continuity and disaster recovery planning. • Lead security compliance initiatives including SOC 2 Type II and future security certifications. • Own customer security questionnaires and support enterprise sales opportunities by demonstrating Directive's security posture. • Partner with Legal, Insurance, and Finance on privacy, data governance, and regulatory compliance. • Maintain documentation for security policies, controls, audits, and evidence collection. • Build and/or manage company-wide security awareness and phishing training programs. • Promote a security-first culture across the organization. • Educate employees on evolving cybersecurity threats, social engineering, AI usage and data protection best practices. • Establish security metrics and regularly report organizational security maturity.

🎯 Requirements

• 7+ years of experience in cybersecurity, information security or risk management. • 3+ years leading enterprise security programs or security teams. • Demonstrated experience performing cybersecurity risk assessments and threat modeling. • Strong knowledge of cloud-first and SaaS-based environments including Google Workspace, Salesforce, NetSuite, Okta and modern identity platforms. • Experience implementing and maintaining security frameworks such as SOC 2, ISO 27001 or the NIST Cybersecurity Framework. • Deep understanding of endpoint security, identity management, vulnerability management, incident response and security operations. • Experience working within fully remote organizations supporting distributed workforces. • Strong executive communication skills with the ability to translate technical risk into business impact. • CISSP, CISM, CRISC, or equivalent cybersecurity certification is strongly preferred.

🏖️ Benefits

• Medical, dental, vision plans, disability, and life insurance coverage for you and your family that fit your lifestyle • Including a 100% employer-paid plan for you and a 50% employer contribution for your dependents • Mental - Access to certified therapists through Spring Health, membership to Headspace • Physical - Physical therapy through Omada, fertility support through Carrott, thousands of Aaptiv virtual workouts, complimentary One Medical membership for primary and virtual care • Unlimited PTO (2-week minimum), Paid Company Holidays, Your Birthday Off, End of Year Recharge (Closed December 24 - January 1), Paid Parental Leave • Traditional and Roth 401(k) with a 3% company match • Annual bonus based on tenure, which scales in total amount over time

Apply Now

Similar Jobs

🔥 3 minutes ago

General Dynamics Information Technology

10,000+ employees

🔒 Cybersecurity

🤖 Artificial Intelligence

Cyber Security Manager at GDIT overseeing IAM operations and Cyber Security compliance across the enterprise. Lead a skilled team in implementing robust security and identity management solutions.

🔥 3 minutes ago

General Dynamics Information Technology

10,000+ employees

🔒 Cybersecurity

🤖 Artificial Intelligence

Information Systems Security Officer building and supporting modernization of enterprise-class software applications. Develop security policies and procedures for the Case Management Modernization initiative at GDIT.

🔥 3 hours ago

Zscaler

5001 - 10000

🔒 Cybersecurity

☁️ SaaS

🏢 Enterprise

Director of AI Specialist leading Zscaler's new AI Security team. Driving technical strategy, elite talent development, and executive communications in cybersecurity.

🔥 3 hours ago

Zscaler

5001 - 10000

🔒 Cybersecurity

☁️ SaaS

🏢 Enterprise

Product Sales Account Executive managing revenue growth within data security product suite at Zscaler. Collaborating with stakeholders while focusing on customer requirements and strategic account planning.

🔥 6 hours ago

Quota Crushers Agency - Sales Recruiters

11 - 50

🤝 B2B

🎯 Recruiter

Founding Account Executive responsible for B2B sales in cybersecurity and privacy domain. Building pipeline, closing sales, and collaborating with leadership to shape sales strategy.