Lead ghSMART’s enterprise information security program as the firm’s internal expert, driving strategy, operations, and continuous improvement.
Develop, align, and execute the firm’s information security roadmap in partnership with key stakeholders, ensuring alignment with business priorities and risk tolerance.
Define, implement, and continuously improve information security policies, standards, controls, and incident response practices, with a goal of aligning to a framework such as the ISO 27001.
Manage key security vendor relationships, including the external SOC, balancing impact, risk, and budget.
Foster a strong culture of security awareness across the firm and provide effective change management as security practices evolve.
Oversee ghSMART’s Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management, ensuring secure and scalable systems.
Lead, develop, and scale a high-performing IT Support team, setting standards for service excellence, reliability, and security while ensuring highly responsive support for all employees.
Own the end‑to‑end lifecycle of IT hardware and digital infrastructure, including provisioning, employee onboarding, offboarding, and device management.
Own and oversee all technology spend, including software, hardware, and outsourced services, ensuring responsible budgeting and cost management.

Requirements

A bachelor’s degree in information security, information technology, computer science, or a related field, or equivalent experience.
8–10+ years of experience in enterprise IT, information security, or technology leadership roles.
Strong technical foundation across enterprise IT environments, including Microsoft 365, Entra ID, Windows endpoint management, cloud infrastructure, and modern security operations.
Deep expertise in information security governance, risk management, compliance frameworks, and security operations.
Experience defining and implementing security policies, controls, and incident response processes; experience building or maturing an information security program from the ground up is a plus.
Proven experience leading and managing IT and cybersecurity teams.
Strong vendor and stakeholder management skills, particularly with security partners and cross‑functional leaders.
Demonstrated ability to lead through influence, drive firmwide change management, and clearly communicate complex technical and security concepts to non‑technical stakeholders.

Benefits

Annual discretionary performance bonus
401(k) plan with an annual employer contribution
Comprehensive benefits package

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information securityrisk managementsecurity policiesincident responsecloud infrastructureMicrosoft 365Entra IDWindows endpoint managementsecurity operationsIT hardware management

Soft Skills

leadershipstakeholder managementchange managementcommunicationteam developmentservice excellencereliabilityresponsivenessinfluenceculture of security awareness

Certifications

bachelor’s degree in information securitybachelor’s degree in information technologybachelor’s degree in computer scienceISO 27001