Director of IT, Information Security & Compliance

About The Position

Requirements

• 7–12 years of total IT experience
• 3–5+ years in security, compliance, or infrastructure leadership
• Hands-on experience implementing NIST 800-53 or 800-171
• Experience with C-TPAT cybersecurity requirements or similar regulated frameworks
• Deep experience with Microsoft 365 security stack
• Experience securing SaaS-heavy, remote-first environments
• Experience writing and implementing security policies
• Experience working with auditors, customers, or regulators
• Background in logistics, transportation, warehousing, manufacturing, healthcare, or another regulated industry

Nice To Haves

• SOC 2 or ISO 27001 experience
• Logistics, 3PL, freight forwarding, or customs brokerage exposure
• Experience with CargoWise, Salesforce, NetSuite, or Revenova
• Azure or AWS security experience
• SIEM implementation experience
• Prior first security hire or IT transformation role
• Experience supporting global teams

Responsibilities

• Lead implementation of NIST 800-53 or 800-171 controls and close identified gaps
• Prepare and maintain C-TPAT cybersecurity documentation and controls
• Design and enforce Zero Trust and least-privilege access models
• Own incident response, disaster recovery, and business continuity planning
• Implement security awareness training and phishing simulations
• Establish vendor risk management and third-party security reviews
• Prepare the company for future SOC 2 and ISO 27001 audits
• Secure and manage Microsoft 365 including Entra ID, Intune, Defender, and Purview
• Implement endpoint management and MDM across all devices
• Enforce MFA, conditional access, and SSO
• Secure SharePoint, OneDrive, Teams, and external sharing
• Secure Salesforce, CargoWise, Revenova, and custom TMS platforms
• Implement logging, monitoring, and SIEM using Microsoft Sentinel or similar tools
• Design secure network architecture across offices, VPNs, and cloud services
• Manage backups, data retention, DLP, and asset lifecycle
• Map data flows across TMS, WMS, CRM, finance, and customs systems
• Define data classification and access policies
• Secure APIs and system integrations
• Establish security standards for new SaaS tools and vendors
• Write and maintain IT and security policies
• Create SOPs for onboarding, offboarding, and access reviews
• Lead internal risk assessments and executive reporting
• Act as point of contact for auditors, customers, and regulators
• Build and mentor a small IT and security team over time
• Transition day-to-day support to junior staff or an MSP
• Define and execute an IT roadmap aligned with business growth
• Advise leadership on technology risk and investment decisions

Benefits

• Competitive salary
• End of year bonus
• Clear growth path to VP or CIO
• High visibility executive-facing role