Director of IT

. Cybersecurity & Risk Mitigation

Description
Responsible for the proactive defense of the enterprises digital perimeter and internal data assets. Implement and enforce cybersecurity controls to protect ERP financial data payroll data customer records and operational systems.

This includes accountability for:

• Management of firewall configurations and endpoint protection software.
• Execution of recurring vulnerability scanning and immediate patch deployment.
• Implementation of multi-layered email security and anti-phishing protocols.
• Enterprise-wide data encryption standards and their enforcement for stationary and mobile devices.
• Conduct of formal risk assessments for all third-party technology vendors.
• Incident response documentation

Measured By:

• Internal security audit scores.
• Mean time to detect (MTTD) and mean time to remediate (MTTR) vulnerabilities.
• Incident response documentation
• External security assessment results

2. Strategic Innovation & Revenue Enhancement

Description
Responsible for leveraging technology to enhance the companys Unique Selling Proposition (USP) in the marketplace.

This includes accountability for:

• Researching and vetting industry-specific technologies that provide competitive advantages.
• Integrating advanced client-facing tools (e.g. IoT monitoring automated reporting) into the service delivery model.
• Collaborating with Sales and Operations to ensure technical tools are utilized as a value-add for clients.
• Monitoring market trends to prevent technological obsolescence in service offerings.

Measured By:

• Revenue growth attributed to tech-enhanced service contracts.
• Client adoption rates of digital platforms.
• Net promoter score related to technology-driven revenue streams.

3. IT Infrastructure Governance

Description
Maintain all network server cloud workstation mobile device and communication systems supporting ERP software CRM software and related platforms.

This includes accountability for:

• Network performance management
• Server hosting environment
• Cloud backup systems
• Endpoint device security
• Field technician mobile device management
• Hardware lifecycle replacement planning

Measured By:

• Infrastructure uptime
• Backup validation logs
• Recovery time during outage events

4. Access Control & Authorization

Description
Govern user provisioning and deactivation aligned with HR onboarding and separation controls.

This includes accountability for:

• Role-based access provisioning after documented authorization
• Immediate deactivation upon HR clearance
• Multi-factor authentication enforcement
• Quarterly access audits
• Removal of dormant accounts
• Documentation of access approvals

Measured By:

• Zero unauthorized active accounts
• Deactivation within 24 hours of separation
• Audit completion documentation

5. IT Policy & Compliance Documentation

Description
Develop and maintain enforceable IT governance documentation supporting operational and financial internal controls.

This includes accountability for:

• IT security policy maintenance
• Acceptable use policy enforcement
• Disaster recovery plan documentation
• Data retention controls
• IT asset inventory tracking
• Audit readiness documentation

Measured By:

• Policy acknowledgment completion
• Audit findings
• Disaster recovery test validation