Director, Information Security and Technology

The Director of Information Security and IT Operations will serve as a strategic leader responsible for safeguarding the organizations digital assets while ensuring the reliability scalability and efficiency of its IT infrastructure.  

This role combines oversight of enterprise-wide information security programs with the management of core IT operations including networks servers cloud environments and end-user devices. The Director will design and implement security frameworks risk management strategies and compliance initiatives while driving modernization of IT systems to support a global SaaS business model. 

Key responsibilities include embedding security into the software development lifecycle managing incident response and ensuring business continuity while also optimizing IT service delivery network performance and device lifecycle management. The role requires close collaboration with engineering product and business teams to align technology initiatives with organizational goals.  

Additionally the Director will champion the secure and responsible adoption of AI and emerging technologies balancing innovation with risk mitigation.  

Success in this position demands a blend of visionary leadership technical expertise and the ability to influence stakeholders at all levels to achieve operational excellence and robust security posture. 

Key Responsibilities:

• Manage and influence both physical and cyber security risk to protect the company its customers and stakeholders from operational financial and reputational harm.
• Support the development and execution of the companys information security strategy ensuring alignment with business objectives and risk appetite.
• Implement and maintain security governance processes policies and standards across the organization ensuring compliance with applicable regulations and frameworks.
• Contribute to the secure and responsible adoption of AI technologies within the organization and in AI-enabled products.
• Oversee day-to-day security operations including monitoring incident response and vulnerability management to minimize risk and impact.
• Partner with IT Engineering and Product teams to embed security into the software development lifecycle (secure-by-design testing and vulnerability remediation).
• Assist in defining and improving cloud and SaaS security practices including identity and access management encryption and monitoring.
• Manage third-party security risk assessments and ensure appropriate controls are in place for vendors and partners.
• Drive security awareness and training programs to promote a culture of security across the organization.
• Provide regular reporting on security posture incidents and risk metrics to senior leadership.
• Manage global technology device onboarding refresh and return processes; determine hardware needs for employee base; ensure assets are tracked and maintained
• Ensure internal IT networks are stable and functioning properly; address office issues when they arise keep technology up to date and make recommendations for upgrades as technology and needs change
• Lead global IT Support function to ensure hardware and software problems are addressed timely and comprehensively.  Maintain service level agreements for response and resolution timeframes. 

Qualifications :

Requirements / Minimum Qualifications:

• Education: Bachelors degree in Information Security Computer Science Information Technology or a related field.
• Experience: Minimum of 810 years in information security roles with at least 3 years in a leadership or management capacity.
• Strong knowledge of cybersecurity frameworks (e.g. ISO 27001 SOC 2) and familiarity with NIST CSF or equivalent.
• Proven experience developing and implementing security policies standards and procedures in a SaaS or software-driven environment.
• Hands-on experience with application and product security including secure SDLC and DevSecOps practices.
• Solid understanding of cloud security principles and SaaS operations (identity and access management encryption monitoring).
• Demonstrated ability to manage incident response and vulnerability management programs effectively.
• Excellent communication and interpersonal skills with the ability to convey security concepts to technical and non-technical audiences.
• High level of integrity sound judgment and ability to handle confidential information appropriately.

Preferences / Nice-to-Haves:

• Masters degree in Information Security Cybersecurity or a related field.
• Professional certifications such as CISSP CISM or CISA.
• Proficiency with German language
• Experience in a global SaaS organization or software company serving the manufacturing technology industry.
• Familiarity with AI security risks and governance for AI-enabled products and services.
• Experience implementing DevSecOps practices and security automation in CI/CD pipelines.
• Knowledge of third-party risk management and supplier security assurance processes.
• Strong background in cloud-native security architectures (AWS Azure or GCP).
• Experience with regulatory compliance in multiple jurisdictions (e.g. GDPR SOC 2 ISO 27001).
• Understanding of global IT function including asset management network management and associated support and refresh processes

Additional Information :

Revalize designates standard working hours as 8:00 am to 5:00 pm Eastern Time (ET) for employees based in the United States and 08:00 to 17:00 Central European Time (CET) for employees operating within the EMEA region.

Revalize is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race religion color national origin sex (including pregnancy childbirth or related medical conditions) sexual orientation gender gender identity gender expression transgender status sexual stereotypes age status as a protected veteran status as an individual with a disability or other applicable legally protected characteristics. Revalize participates in the E-Verify program in certain locations as required by law.

The compensation offered to the successful candidate will be based on a variety of factors including but not limited to the candidates work experience education and licenses work-related training key skills the core duties of the role and its associated responsibilities additional benefits offered and the location where the work will be performed. All fulltime (30 hours) employees are eligible for PTO Sick and Parental Leave; Medical Dental and Vision Insurance; 401(k) Plan; Health Savings Account; Life Insurance; Employee Assistance Program.

This is a full-time bonus eligible position.  Base Salary is one part of our competitive total compensation and benefits package and is determined using a range. The listed compensation range represents our good faith estimate for this position and represents the range for new hire salaries across all U.S locations. Please note that the salary information is a general guideline only.

Qualified applicants will be asked to complete a 30 minute online pre-employment assessment as part of the recruitment process. 

Remote Work :

Yes

Employment Type :

Full-time