Remotery

Director, IT & Security

Posted 21 hours ago

This is a fully remote position, open to applicants in Texas.

📋 Description

• Take charge of comprehensive IT operations, encompassing device lifecycle management, onboarding and offboarding processes, SaaS administration, identity and access management, help desk support, and office infrastructure across all locations.

• Spearhead the technical controls aspect of Tonal's HIPAA compliance initiative, executing the necessary safeguards mandated by the HIPAA Security Rule and HITECH Act.

• Oversee and implement Tonal's security program, which includes remediation from penetration testing, security policy formulation, conducting tabletop exercises, vendor security assessments, and incident response strategies.

• Manage Tonal's AI tool ecosystem, handling licensing, expenditure, API key governance, corporate AI policy, as well as data loss prevention and prompt injection safeguards.

• Administer Tonal's SaaS portfolio by managing contract renewals, optimizing licenses, and negotiating with vendors across essential platforms.

• Propel automation and enhance identity governance maturity, including Okta Identity Governance, expanding SCIM-based provisioning, establishing and enforcing RBAC frameworks, and promoting workflow automation and system integration.

• Lead and develop the IT & Security team, supervising engineers and administrators, overseeing virtual CISO engagement, managing the budget, and aligning the organizational structure to meet Tonal's needs.

• Maintain IT documentation and improve processes, ensuring runbooks are up-to-date, addressing gaps in onboarding, offboarding, and incident response, and fostering overall automation.

• Manage global physical infrastructure, including networking, Wi-Fi, audiovisual technology, and physical access, across a distributed, multi-office environment.

• Act as a trusted operator on Tonal's most sensitive issues, ranging from executive access provisioning to security incidents and legal holds.

• Regularly report to senior leadership and the C-suite, translating IT & Security roadmap priorities, progress, technical risks, and incident management into clear, actionable narratives.


⛳️ Requirements

• Over 10 years of experience in IT and security leadership, with comprehensive functional ownership and expertise in identity and access management, endpoint security, SaaS administration, network infrastructure, and security program management.

• Hands-on experience in implementing HIPAA compliance, going beyond mere policy documentation.

• Proven history of establishing a security program from the ground up, including policy development, penetration testing, and real incident response.

• Extensive knowledge in identity and access management, endpoint security, SaaS administration, and network infrastructure.

• Comfortable both in configuring technical systems and articulating security risks to executive leadership.

• Possess a start-up mindset, thriving in dynamic, resource-limited environments without compromising on security standards.

• Demonstrated ability to prioritize effectively with a lean team and limited budget, achieving measurable outcomes.

• Experience in managing a large SaaS portfolio, including contract renewals, vendor negotiations, and license governance.

• Strong leadership skills, with the ability to set clear expectations and foster the development of team members.

• Uphold high standards of trust, integrity, and discretion, given access to the company's most sensitive systems.


🏝️ Benefits

• Tonal is dedicated to addressing the diverse needs of individuals with disabilities in a timely manner, aligned with the principles of independence, dignity, integration, and equal opportunity.

People also viewed

Red River4 hours ago

Cybersecurity Subject Matter Expert – Managed Services

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Rimini Street4 hours ago

Security Product Services Engineer

BR flagBrazil OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Nasstar4 hours ago

Senior Security Control Manager

GB flagUnited Kingdom OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Reinsurance Group of America, Incorporated4 hours ago

Staff Cybersecurity Architect – Data Security, Data Loss Prevention

US flagMissouri OnlyFull-timeCybersecurity / Security Engineer$150.8k – $224.6k/year
ApplyView job
Case IQ4 hours ago

Information Security Compliance Associate

CA flagCanada OnlyFull-timeCybersecurity / Security Engineer$65k – $80k/year
ApplyView job
Phoenix Software Limited4 hours ago

Professional Services Engineer, Microsoft Cybersecurity

GB flagUnited Kingdom OnlyFull-timeCybersecurity / Security Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers