Director, Information & Technology Security

About The Position

Requirements

• 6–10+ years in information or technology security roles
• Experience operating security in mid-market or PE-backed environments
• Strong background in: Identity & Access Management (Entra ID / Azure AD) Endpoint security and EDR Microsoft 365 security stack Incident response and security operations
• Ability to balance security requirements with business realities
• Experience partnering with IT Operations, Infrastructure, and vendors
• Strong communication skills with both technical and non-technical leaders

Responsibilities

• Reduce enterprise security risk through practical, enforceable controls
• Execute against the company’s multi-year security roadmap
• Mature identity, endpoint, and data protection capabilities
• Operationalize detection, response, and monitoring
• Support secure growth through M&A and integration activity
• Improve visibility, consistency, and security posture without unnecessary friction
• Own identity security strategy and execution across Entra ID and Microsoft 365
• Implement and maintain conditional access, MFA, and privileged identity management
• Establish baseline access standards and least-privilege models
• Reduce identity-based risk and credential abuse across the enterprise
• Partner with IT Operations on identity lifecycle management and access reviews
• Oversee endpoint protection, device compliance, and EDR capabilities
• Partner with Intune and Device teams to enforce security baselines
• Improve detection and response through MDR and telemetry
• Reduce endpoint-based attack surface and configuration drift
• Ensure security controls scale across acquired environments
• Lead data loss prevention (DLP), insider risk, and sensitive data protection efforts
• Partner with IT and Legal on data classification and protection strategies
• Improve visibility into sensitive data usage and movement
• Reduce data exfiltration risk across cloud and endpoint environments
• Support investigations and response to insider-related events
• Improve visibility into SaaS usage and shadow IT
• Partner with Technology teams on secure application access and posture
• Support future-state cloud app security capabilities
• Ensure security controls align with business workflows, not disrupt them
• Own incident response planning and execution
• Partner with SOC / MDR providers to ensure effective detection and response
• Lead security investigations and post-incident remediation
• Establish clear runbooks, escalation paths, and communication protocols
• Provide executive-level visibility into incidents, risks, and remediation progress
• Support security diligence for acquisitions
• Assess security posture of acquired entities
• Partner with Technology Operations to prioritize remediation
• Drive security standardization post-close without disrupting operations

Benefits

• Employer Paid Life & AD&D
• Employer Paid Short- & Long-term disability
• Paid Holidays
• 401k with employer match
• Health, Vision, and Dental insurance