Director, Information Security and Technology.

ghSMART

2d•$180,000 - $190,000•Remote

About The Position

In this role, you will have primary responsibility for enterprise information security and for, leading the information strategy, operations, and culture that keep ghSMARTâs digital environment safe, resilient, and scalable. You will serve as the internal subject matter expert responsible for designing and executing the firmâs information security roadmap, managing critical vendor relationships including our external Security Operations Center, and ensuring our security practices align with relevant standards. Beyond security, you will oversee ghSMARTâs Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management. You will lead a highâperforming IT Support team that delivers responsive, reliable service to employees across the firm, while owning the full lifecycle of hardware, digital infrastructure, and employee onboarding, and offboarding. You will also take primary ownership of technology budgeting and cost management across all IT functions

Requirements

A bachelorâs degree in information security, information technology, computer science, or a related field, or equivalent experience.
8â10+ years of experience in enterprise IT, information security, or technology leadership roles.
Strong technical foundation across enterprise IT environments, including Microsoft 365, Entra ID, Windows endpoint management, cloud infrastructure, and modern security operations.
Deep expertise in information security governance, risk management, compliance frameworks, and security operations.
Experience defining and implementing security policies, controls, and incident response processes; experience building or maturing an information security program from the ground up is a plus.
Proven experience leading and managing IT and cybersecurity teams.
Strong vendor and stakeholder management skills, particularly with security partners and crossâfunctional leaders.
Demonstrated ability to lead through influence, drive firmwide change management, and clearly communicate complex technical and security concepts to nonâtechnical stakeholders.

Nice To Haves

Experience defining and implementing security policies, controls, and incident response processes; experience building or maturing an information security program from the ground up is a plus.

Responsibilities

Lead ghSMARTâs enterprise information security program as the firmâs internal expert, driving strategy, operations, and continuous improvement.
Develop, align, and execute the firmâs information security roadmap in partnership with key stakeholders, ensuring alignment with business priorities and risk tolerance.
Define, implement, and continuously improve information security policies, standards, controls, and incident response practices, with a goal of aligning to a framework such as the ISO 27001.
Manage key security vendor relationships, including the external SOC, balancing impact, risk, and budget.
Foster a strong culture of security awareness across the firm and provide effective change management as security practices evolve.
Oversee ghSMARTâs Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management, ensuring secure and scalable systems.
Lead, develop, and scale a high-performing IT Support team, setting standards for service excellence, reliability, and security while ensuring highly responsive support for all employees.
Own the endâtoâend lifecycle of IT hardware and digital infrastructure, including provisioning, employee onboarding, offboarding, and device management.
Own and oversee all technology spend, including software, hardware, and outsourced services, ensuring responsible budgeting and cost management.