Director- IT Operations & Security - Hybrid in Pittsburgh, PA

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Systems, or related field.
• At least 10 years of experience in IT operations and security, with at least 5 years in a leadership role
• Strong technical skills across a range of hardware, software, and networking technologies
• Experience with defining strategy and executing on that strategy
• Deep knowledge of enterprise-level security practices, including security frameworks such as ISO 27001/27701, NIST, or SOC 2
• Strong leadership skills, with the ability to inspire and motivate a team to achieve goals and objectives
• Knowledge of regulatory requirements and industry best practices related to IT operations and security
• Strong project management skills, with the ability to lead projects from inception to completion on time and within budget
• Experience with incident response and threat detection, including the ability to develop and execute security incident response plans

Nice To Haves

• A master's degree is preferred
• Relevant industry certifications, such as CISSP, CISM, or CISA, are preferred

Responsibilities

• Lead the IT Security, Infrastructure, and Operations teams, setting strategic direction and operational priorities
• Collaborate with department and company leadership to align IT infrastructure, security, and IT service strategies with business objectives
• Regularly communicate with stakeholders to provide updates on IT initiatives, gather feedback, and ensure alignment with business objectives
• Working with the CIO, develop and implement IT policies and procedures, ensuring compliance with industry best practices and regulatory requirements, including data privacy and security regulations
• Working with the CIO and other IT leadership, manage the IT budget, forecasting and tracking expenses, and making recommendations for cost savings. Own budgetary planning and execution in areas of responsibility
• Provide leadership, guidance, and mentoring to staff, promoting a culture of continuous improvement and professional development
• Stay current with emerging technologies and industry trends and make recommendations for how the company can leverage these to gain a competitive advantage
• As a member of the IT leadership team, co-own the IT innovation program and help drive awareness and adoption of existing solutions as well as identification and vetting of new use-cases
• Lead the security efforts, including the development, implementation, and maintenance of security protocols and practices across all aspects of the technology infrastructure
• Own the enterprise security strategy/roadmap, with measurable objectives and KPIs (e.g., risk reduction, control maturity)
• Conduct risk assessments and vulnerability analyses (e.g. penetration testing and RBRA), responding proactively to emerging threats and incidents
• Maintain and mature a risk management program (risk register, treatment plans, exception process)
• Maintain ISO27001 and ISO27701 certifications. Identify value-add opportunities to expand GRC certifications
• Oversee the organizational security awareness program
• Work with the Office of General Counsel and Manager – Information Security to respond to client audits and to address client-driven and other internal and external security and compliance requirements
• Own the hybrid cloud/core infrastructure strategy and target architecture; prioritize modernization (IaC, observability, SRE practices) and tech debt reduction
• Develop and implement disaster recovery and business continuity plans to ensure the availability of critical systems and data in the event of an outage or other disruption
• Define service strategies and quality targets for network, compute/storage/virtualization, identity/SSO, and UC; align with Collaboration and Security
• Own enterprise collaboration platforms (e.g., Microsoft 365/Teams, SharePoint/OneDrive) and unified communications/telephony, including roadmap, reliability, and adoption
• Oversee meeting room/AV ecosystems (hardware standards, room profiles, monitoring, firmware lifecycles) and measure meeting/call quality (MOS, drop rates, latency)
• Evaluate and recommend new technologies and tools to enhance the technology infrastructure, operations, and security posture
• Set the endpoint strategy and multi‑year roadmap across Windows/macOS/mobile and any VDI, approving standards, hardening baselines, and device governance
• Define Digital Employee Experience (DEX) objectives and KPIs; review telemetry regularly and sponsor cross‑team remediation initiatives
• Oversee the day-to-day operations of the IT department, ensuring that all systems and services are operating efficiently and securely
• Drive continuous operational improvement and implement automation strategies to enhance overall efficiency and effectiveness of IT operations
• Cultivate and sustain strong vendor relationships, overseeing contract negotiation, performance management, and ensuring vendors meet agreed-upon service levels