Director Of IT Governance

Summary

Join Pax8 as the Director of IT Governance and Controls, overseeing and managing IT governance and controls functions. Ensure compliance with regulatory requirements, develop policies and standards, and implement and assess the IT controls environment. Lead IT governance activities, including audits, risk assessment, and security compliance program implementation. Collaborate with key stakeholders across departments to maintain a cohesive approach to security. Develop key metrics and report on the effectiveness of policies and controls to senior management and regulatory bodies. This role requires extensive experience in security compliance and risk management, a strong understanding of industry regulations and frameworks, and excellent communication and leadership skills. Pax8 offers a competitive compensation package and a comprehensive benefits program.

Requirements

• Extensive experience in security compliance, risk management, or a related field
• In-depth understanding of the industry-specific regulations and standards
• Strong understanding of security best practices and frameworks (e.g., ISO 27001:2022, SOC2, SCF)
• Experience in managing security compliance projects from initiation to completion
• Proven track record of ensuring adherence to regulatory requirements and internal policies
• At least ten (10) or more years of experience in security compliance, IT Audit, or related experience
• Understanding of public cloud deployments and associated security risks and controls
• Experience working in a Zero Trust focused security program
• Excellent communication, interpersonal, and leadership skills
• Strong sense of ethics and integrity in decision-making
• Ability to work effectively with various departments and stakeholders
• Competence in providing training and development on security compliance matters to staff
• Proficiency in preparing and presenting security compliance reports to senior management and regulatory bodies
• B.A./B.S. in a related field or equivalent work experience

Responsibilities

• Develop and maintain security compliance policies, standards, and procedures in collaboration with key stakeholders (i.e., Legal, Compliance, HR, IT, etc.)
• Demonstrate IT Controls expertise including framework knowledge, implementation, and assessment of effectiveness. SCF experience is desirable
• Oversee regular security assessments to ensure compliance with laws and regulations: ISO 27001 recertification
• SOC2 Type 2 annual assessment
• PCI annual attestation
• HIPAA annual compliance
• Cyber Essentials – UK
• Microsoft Supplier Data Protection Requirements (SSPA)
• Identify and address security compliance issues and risks
• Collaborate with other departments to ensure a cohesive approach to implementing security policies, standards, and controls
• Develop key metrics and report on effectiveness of policies, standards, and controls to senior management and regulatory bodies

Preferred Qualifications

SCF experience

Benefits

• Non-Commissioned Bonus Plans or Variable Commission
• 401(k) plan with employer match
• Medical, Dental & Vision Insurance
• Employee Assistance Program
• Employer Paid Short & Long Term Disability, Life and AD&D Insurance
• Flexible, Open Vacation
• Paid Sick Time Off
• Extended Leave for Life events
• RTD Eco Pass (For local Colorado Employees)
• Career Development Programs
• Stock Option Eligibility
• Employee-led Resource Groups