Director of Information Security & Technology

Who Is Nisos

Nisos is the Managed Intelligence Company. Were a digital investigations partner who unmasks threats to protect people and organizations. Were trusted advisors who operate as an extension of security intelligence legal and trust and safety teams. Nisos helps to solve our clients most difficult challenges through open source intelligence. We provide actionable intelligence services including digital investigations assessments and monitoring. At Nisos its our mission to keep organizations and whats most important to them safe their teams clients users and key assets.

We deliver tangible impact to our clients daily by helping them protect their reputation and value increase their revenues reduce their losses and avoid regulatory penalties and fines. They use our intelligence to make critical technology and policy decisions. Our work also informs their legal M&A and partner strategies and reduces foreign influence threats.

Working at Nisos

We are a distributed remote and hybrid-working team operating in both the U.S. and Northern Ireland. We believe in supporting and unlocking the potential of our team through training professional development and advancement opportunities. We cultivate a truly people-first trusted partner culture of integrity innovation inclusion responsibility and collaboration.

What Is The Opportunity

At Nisos were committed to ensuring protection of our computer networks and our data and maintaining security posture and protection of electronically stored information across our systems. This position is responsible for planning implementing upgrading and monitoring security measures for the protection of our platforms computer networks and information. You will assess system vulnerabilities for security risks and propose and implement risk mitigation strategies. You will ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. The ideal candidate will have excellent organizational communication and management skills along with an ability to lead training sessions and workshops for staff members. In this role the person will often be asked to independently communicate with all relevant employees to promote information security and data protection compliance within the organization.

What Youll Do

• Strategic Information Security Leadership:
  • Lead enterprise-wide security initiatives and collaborate with stakeholders to assess organizational risk posture
  • Design and implement comprehensive security architectures using advanced encryption firewalls and security applications
  • Develop and execute strategic plans to safeguard digital assets and ensure business continuity
  • Conduct security assessments penetration testing coordination and risk analysis
  • Create and maintain incident response playbooks and lead crisis response efforts
• Advanced IT Support & Management:
  • Oversee complex IT infrastructure and provide escalated technical assistance
  • Lead enterprise system implementations and major technology transitions
  • Design and manage onboarding/offboarding processes for all organizational levels
  • Drive continuous improvement in IT service delivery and customer satisfaction
  • Manage vendor relationships and evaluate emerging technologies
• AWS Cloud Security Leadership:
  • Design and implement comprehensive AWS security architectures following Zero Trust principles and AWS best practices
  • Lead AWS security assessments and vulnerability management across multi-account environments
  • Develop and maintain AWS security policies and automated compliance monitoring
  • Oversee AWS identity and access management including implementation of least privilege access controls and role-based permissions
  • Champion AWS security training and knowledge sharing across development and operations teams
• AI Security & Ethics Leadership:
  • Develop and implement enterprise-wide AI governance framework ensuring responsible adoption of artificial intelligence technologies across all business units
  • Lead AI risk assessments to identify potential security vulnerabilities data privacy implications and ethical considerations in AI implementations
  • Establish AI security policies covering data handling model security bias prevention and compliance with emerging AI regulations
  • Create AI training programs to educate staff on responsible AI usage security best practices and ethical considerations
  • Collaborate with legal and compliance teams to ensure AI initiatives align with data protection laws and industry standards
  • Monitor and evaluate AI tools for security risks data leakage potential and compliance with organizational policies
  • Champion transparency and accountability in AI deployment while maintaining competitive advantage and innovation capabilities
• Enterprise Compliance & Audit Leadership:
  • Lead comprehensive compliance programs ensuring adherence to industry standards and regulations including SOX PCI-DSS HIPAA GDPR CCPA ISO 27001 and SOC 2 Type II requirements while managing internal and external audit processes from planning through remediation.
  • Oversee SOC 2 Type II audit preparation evidence collection and control testing across security availability processing integrity confidentiality and privacy trust service criteria.
  • Develop and maintain compliance policies across all organizational units conduct regular risk assessments and gap analyses and serve as primary liaison with regulatory bodies external auditors and SOC 2 auditing firms.
  • Design and implement continuous monitoring processes for SOC 2 controls ensuring operational effectiveness throughout the audit period and maintaining readiness for annual SOC 2 Type II assessments.
  • Design and deliver enterprise-wide compliance training programs review violations of compliance and data processing procedures to prevent recurrence and promote a culture of compliance and information security across all organizational units.
  • Oversee regulatory reporting coordinate audit preparation efforts maintain comprehensive documentation repositories including SOC 2 control narratives and evidence and provide regular compliance metrics and risk reporting to executive leadership and board committees.

Who You Are and What You Bring

• Experience & Education:
  • Five or more years of progressive experience in information security data protection compliance and IT systems management
  • Bachelors degree in Computer Science Information Security or related field; Masters degree preferred
  • Professional certifications such as CISSP CISM CISA or equivalent security credentials
• Technical Expertise:
  • Advanced knowledge of computer systems with proven ability to architect implement and troubleshoot complex hardware and software environments
  • Expert-level understanding of data protection laws and frameworks including GDPR CCPA HIPAA and emerging regulations
  • Experience with enterprise security tools vulnerability management and threat intelligence
  • Knowledge of cloud security (AWS) and hybrid infrastructure management
  • Advanced AWS cloud security expertise with hands-on experience securing AWS environments at enterprise scale
  • Deep understanding of AWS security services including IAM GuardDuty Security Hub CloudTrail Config and VPC security
  • Proficiency in Infrastructure as Code (Terraform) for secure cloud deployments
• Leadership & Management:
  • Advanced project and program management skills with experience leading cross-functional initiatives
  • Proven ability to manage and mentor junior staff and coordinate with external vendors
  • Strategic planning capabilities with experience developing long-term security roadmaps
  • Budget management and vendor relationship experience
• Core Competencies:
  • Exceptional ability to work under pressure while managing highly sensitive and confidential information
  • Outstanding verbal and written communication skills with experience presenting to executive leadership
  • Advanced analytical and problem-solving abilities with strong attention to detail
  • Ability to translate technical concepts for non-technical stakeholders

Great to Have

• AWS Certified Security - Specialty certification
• AWS Certified Solutions Architect - Professional certification
• AWS Certified DevOps Engineer - Professional certification
• Security certification
• On-track for Certified Information Systems Security Professional (CISSP) certification
• Expertise in data protection laws and practices including deep understanding of GDPR.

Where Youll Work

• This is a hybrid position located in Belfast Northern Ireland.
• You must be authorized to work in the United Kingdom.

Things Youll Use

To perform effectively in a remote role you must meet the following physical and logistical requirements:

• Sitting/Desk Work:
  • Ability to remain seated at a workstation for extended periods (up to 68 hours daily) to perform tasks like typing reading and attending virtual meetings.
• Typing/Computer Use:
  • Frequent and consistent use of a keyboard mouse and monitor for data entry document creation and online collaboration.
  • Proficiency with standard office software and virtual communication tools (e.g. Google Workspace Slack).
• Visual Requirements:
  • Extended screen time with a need for clear vision to view text and images on monitors and mobile devices.
• Dedicated Workspace:
  • A quiet distraction-free home office or workspace equipped with a reliable desk comfortable chair and sufficient lighting.
  • Secure and private environment to maintain confidentiality of sensitive information.
• Technology:
  • Reliable high-speed internet connection (minimum upload/download speeds as specified by the company).
  • A company-approved laptop or desktop computer webcam headset and other necessary peripherals.
• Communication & Availability:
  • Ability to participate in virtual meetings and respond to emails calls and messages during designated work hours.
  • Consistent adherence to company policies regarding availability and communication.
• Systems
  • Amazon Web Services
  • Okta
  • Jamf Pro

Where Youll Go

• Less than 10%. You must have a valid passport for travel to the US and Northern Ireland offices.

Disclaimer
This job description is not designed to cover nor contain a comprehensive listing of activities duties or responsibilities that are required of the employee. Duties responsibilities and activities may change or new ones may be assigned at any time with or without notice.

Nisos Core Value: We are Diverse
Were an equal opportunity employer dedicated to fostering a diverse workplace and prioritizing dignity and respect for our workforce. The goals of our trusted-partner culture are to establish an environment where employees have a sense of belonging and to support all employees in reaching their fullest potential. We do this by cultivating a listening culture that values each individuals unique perspectives backgrounds and contributions.

We integrate diversity equity inclusion and belonging into our business strategy and across the employee lifecyclefrom recruitment and onboarding to engagement development and off-boarding. We believe in equal employment opportunity and advancement for all regardless of race religion color sex national origin ancestry caste physical or mental disability medical condition genetic information marital status gender gender identity or expression age military or veteran status sexual orientation or any other protected basis under applicable federal state and local laws.

Nisos is also committed to providing access equal opportunity and reasonable accommodation for individuals with disabilities in employment services programs and activities. To request reasonable accommodation for the job application or interview process email

Privacy Notice: Prospective Employee Privacy Notice: