Director of IT and Cyber Security

The Director of IT & Cybersecurity is responsible for overseeing the strategic direction, management, and implementation of IT infrastructure and cybersecurity initiatives across the organization. This role combines both IT management and cybersecurity expertise to ensure that the company’s technology environment is secure, resilient, and aligned with business objectives. The Director will lead a team of IT professionals and cybersecurity experts, collaborate with senior leadership, and manage IT and security operations, ensuring compliance with industry standards and regulations.

KEY RESPONSIBILITIES

Leadership and Strategy:

• Lead the development and execution of IT and cybersecurity strategies aligned with organizational goals and objectives.
• Provide leadership and direction to the IT department, including systems administration, network infrastructure, and support services.
• Develop and communicate cybersecurity policies, procedures, and guidelines to mitigate risks.
• Serve as the key point of contact for cybersecurity-related matters within the organization.

IT Infrastructure Management:

• Oversee the management and maintenance of the organization's IT infrastructure, including servers, networks, cloud services, and hardware.
• Ensure the effective implementation and management of enterprise applications and systems.
• Evaluate and select technology vendors and service providers, ensuring alignment with the company’s needs and security standards.
• Manage IT budgets, resources, and staffing to ensure cost-effective delivery of IT services.

Cybersecurity Oversight:

• Develop and implement cybersecurity strategies to protect the organization from cyber threats, including hacking, phishing, ransomware, and data breaches.
• Oversee the design, implementation, and monitoring of security architecture and solutions (firewalls, IDS/IPS, encryption, endpoint protection, etc.).
• Manage incident response plans and lead the response to security incidents, including breaches, vulnerabilities, and data leaks.
• Regularly conduct risk assessments and vulnerability scans to identify potential security gaps and ensure proactive mitigation.
• Ensure data privacy compliance with regulations such as GDPR, HIPAA, PCI DSS, and other relevant standards.

Team Management & Development:

• Lead, mentor, and develop a high-performing team of IT professionals, cybersecurity analysts, engineers, and support staff.
• Establish clear goals, performance metrics, and professional development plans for team members.
• Foster a culture of continuous improvement and innovation within the IT and cybersecurity teams.
• Provide regular training and awareness programs to employees on security best practices and company policies.

Compliance and Governance:

• Ensure compliance with local, national, and international cybersecurity regulations, including data protection laws.
• Manage internal and external audits related to IT systems, data security, and compliance requirements.
• Collaborate with legal, risk management, and compliance teams to ensure alignment with organizational governance frameworks.

Collaboration with Business Units:

• Work closely with business leaders and other departments to identify technology needs and ensure the IT and security infrastructure supports business objectives.
• Provide guidance on the secure use of emerging technologies such as cloud computing, AI, IoT, and big data.
• Build strong relationships with external stakeholders (vendors, partners, regulatory bodies) to enhance the organization’s IT and cybersecurity posture.

Incident Response & Crisis Management:

• Lead the creation and execution of incident response plans, including handling breaches, cyber-attacks, and other security incidents.
• Act as the primary point of contact for escalated security incidents and technical disruptions.
• Manage post-incident reviews and ensure lessons learned are integrated into future security strategies and policies.

QUALIFICATIONS

Education:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (required).
• Master’s degree in a relevant field or an MBA (preferred).

Certifications:

• Certified Information Systems Security Professional (CISSP) or similar cybersecurity certification (required).
• Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or other relevant certifications (preferred).
• Project Management Professional (PMP) or ITIL certification (preferred).

Experience:

• Minimum of 7–10 years of experience in IT management, with at least 5 years in a leadership role focused on cybersecurity.
• Proven experience in designing and implementing IT security strategies and systems in a large-scale enterprise environment.
• Hands-on experience with security technologies such as firewalls, SIEM (Security Information and Event Management), endpoint protection, vulnerability management tools, and encryption.
• Strong background in regulatory compliance frameworks such as HIPAA, GDPR, PCI DSS, NIST, or ISO 27001.
• Excellent knowledge of IT infrastructure, network architecture, and cloud security.

Skills:

• Strong leadership, strategic thinking, and decision-making abilities.
• In-depth knowledge of cybersecurity threats, vulnerabilities, risk management, and mitigation techniques.
• Excellent problem-solving skills and the ability to lead crisis management during incidents.
• Exceptional communication skills, with the ability to present complex technical issues to non-technical stakeholders.
• Ability to build and maintain strong relationships with internal and external stakeholders.
• Strong project management skills and experience with budgeting and resource allocation.

Personal Attributes:

• Analytical and detail-oriented, with a passion for technology and security.
• Proactive and able to anticipate risks and issues before they arise.
• Resilient, with the ability to perform under pressure and handle complex challenges.
• High ethical standards and integrity in handling sensitive data and security matters.