Ghsmartjobs2mo ago

Director, Information Security and Technology.

United StatesRemoteFull-timeexecutive

SecurityOtherInformation Security

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Who We Are ghSMART is a premier leadership advisory firm trusted by CEOs, boards, and investors to solve their most critical leadership and talent decisions. For more than 30 years,

Technical Tools

SecurityOtherInformation Security

Who We Are

ghSMART is a premier leadership advisory firm trusted by CEOs, boards, and investors to solve their most critical leadership and talent decisions. For more than 30 years, we’ve partnered with many of the world’s most influential leaders and organizations to build winning leadership teams and amplify positive impact. Recognized for excellence, ghSMART consistently earns top rankings in industry surveys (e.g., Vault Consulting awards) and is featured in Forbes’ list of America’s Best Management Consulting Firms. Our culture is entrepreneurial and collaborative, with a strong focus on innovation and client success. Our team is made up of nearly 200 extraordinary individuals across the U.S., Europe, and APAC, who become trusted advisors to these leaders, helping amplify their positive impact on the world. We advise on the art and science of building winning leadership teams, doing meaningful work every day.

Responsibilities

~3 min read

In this role, you will have primary responsibility for enterprise information security and for, leading the information strategy, operations, and culture that keep ghSMART’s digital environment safe, resilient, and scalable. You will serve as the internal subject matter expert responsible for designing and executing the firm’s information security roadmap, managing critical vendor relationships including our external Security Operations Center, and ensuring our security practices align with relevant standards.

Beyond security, you will oversee ghSMART’s Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management. You will lead a high‑performing IT Support team that delivers responsive, reliable service to employees across the firm, while owning the full lifecycle of hardware, digital infrastructure, and employee onboarding, and offboarding. You will also take primary ownership of technology budgeting and cost management across all IT functions

→

Lead ghSMART’s enterprise information security program as the firm’s internal expert, driving strategy, operations, and continuous improvement.

→

Develop, align, and execute the firm’s information security roadmap in partnership with key stakeholders, ensuring alignment with business priorities and risk tolerance.

→

Define, implement, and continuously improve information security policies, standards, controls, and incident response practices, with a goal of aligning to a framework such as the ISO 27001.

→

Manage key security vendor relationships, including the external SOC, balancing impact, risk, and budget.

→

Foster a strong culture of security awareness across the firm and provide effective change management as security practices evolve.

→

Oversee ghSMART’s Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management, ensuring secure and scalable systems.

→

Lead, develop, and scale a high-performing IT Support team, setting standards for service excellence, reliability, and security while ensuring highly responsive support for all employees.

→

Own the end‑to‑end lifecycle of IT hardware and digital infrastructure, including provisioning, employee onboarding, offboarding, and device management.

→

Own and oversee all technology spend, including software, hardware, and outsourced services, ensuring responsible budgeting and cost management.

→

A bachelor’s degree in information security, information technology, computer science, or a related field, or equivalent experience.

→

10+ years of experience in enterprise IT, information security, or technology leadership roles.

→

Strong technical foundation across enterprise IT environments, including Microsoft 365, Entra ID, Windows endpoint management, cloud infrastructure, and modern security operations.

→

Deep expertise in information security governance, risk management, compliance frameworks, and security operations.

→

Experience defining and implementing security policies, controls, and incident response processes; experience building or maturing an information security program from the ground up is a plus.

→

Proven experience leading and managing IT and cybersecurity teams.

→

Strong vendor and stakeholder management skills, particularly with security partners and cross‑functional leaders.

→

Demonstrated ability to lead through influence, drive firmwide change management, and clearly communicate complex technical and security concepts to non‑technical stakeholders.