Sr. Director, Information Technology (and Data Security)
Job Description
The Sr. Director Information Technology is responsible for the global management, strategy and execution of IT infrastructure, information security and systems across Vendavo. This includes directing all IT operations to meet internal requirements, as well as the support and maintenance of existing applications and development of new technical solutions.
The Sr. Director of IT works closely with the CTO, VP of Customer Operations, and the Security Team to ensure IT infrastructure, systems and data are properly secured, and to support the growth of the company through the use of technology resources. Using an active and practical approach, the Sr. Director of IT will direct all employees in IT to attain the company’s strategic goals.
Responsibilities
Strategy
· Works in a consultative fashion with other department heads, such as marketing, development and sales, as an advisor of technologies that may improve their efficiency and effectiveness
· Analyzes complex business needs presented by the user community and/or clients and recommends technical solutions to leadership
· Establish the company’s IT vision and strategy, and lead all aspects of the corresponding technology development
· Conducts research and case studies on leading edge technologies and makes determinations on the probability of implementation
· Drive the SSAE 18 SOC 1 Type 1/2 audits, as well as future ISO 27001 certification, through successful completion, including working with People & Culture on change management and communications, and driving the organizational and process changes necessary to achieve and maintain compliance
· Develop and manage IT compliance/risk assessment framework and any associated risks, and partner with other leaders in the planning of security related to business goals and risk mitigation activities
Operations
· Ensures the consistency and maintainability of existing applications by creating, maintaining, and enforcing standards and procedures for implementing technical solutions
· Directs operations in executing production tasks according to a documented schedule that meets or exceeds customer expectations
· Directs education programs for staff to ensure continued use of best practices across the IT organization, especially in the areas of a security awareness program including data leakage and external threats
· Participates in all hardware and software evaluations and maintains vendor contracts
· Represents the IT function at customer review meetings or in RFPs as appropriate
· Develops standard security policies and best practices
· Partner with other departments and teams to ensure security/privacy controls are within the risk management framework and meet all corporate-wide requirements
· Performs liaison duties between users, operations, and programming personnel in the areas of systems design, modifications or troubleshooting
· Works closely with the People & Culture team on major facilities projects across the company
· Works with all relevant stakeholders to ensure compliance with GDPR and other privacy-related regulations
Team/Management
· Responsible for recruitment, development, and management for new hires, consultants and/or replacement personnel
· Directs and prioritizes the work of all IT personnel in the US and Europe, including a desktop support team that supports Mac and PC users
· Manages a global service desk to handle all internal IT requests from across the company
· Acts as a good steward of Vendavo resources and ensures control of IT and departmental budgets
· Inspires team and leadership to better understand and manage risk
Qualifications
· Must have demonstrable experience in Risk management and governance, including working with Risk Management frameworks in similar capacity
· Exceptional communication skills with the ability to convey complex technical solutions to stakeholders with differing levels of technical expertise
· 10+ years of progressive experience in Information Technology; experience in SaaS industry strongly preferred
· 7+ years of progressive leadership positions
· Must have track record of establishing information security policies and guidelines, and implementing corresponding IT controls
· Broad expertise in a variety of security areas with specific relevant experience successfully completing SSAE 16/18 audits and/or ISO 27001 certification
· Strong technical background with broad knowledge of technical systems, infrastructure, and methodologies
· Experience managing projects with diverse and cross-functional teams
· Expertise with security and privacy standards, such as SSAE 16/18, ISO 27001 and GDPR
· Experience developing Enterprise Risk Management
· Any relevant IT certifications a plus: CISM, CRISC, CGEIT, MCSE, AWS, CAPM, PMP, CSM
· Proven ability to lead and manage an onsite and virtual team of IT professionals with diverse job responsibilities
· Demonstrated ability to apply Information Technology to solve business problem
· Experience with cloud-based technologies and services: AWS and Azure
· Ability to work well in cross-functional teams, including software engineers, marketing, account management, sales operations, as well as the ability to provide solutions and incorporate constructive feedback
· Ability to multitask and thrive in a fast-paced, customer-driven environment
· Ability to balance leadership and individual contributions