IT Director, Information Security - Corporate IT (Kansas City)

Description

Position Overview

The IT Director, Information Security, leads the company's cybersecurity strategy, ensuring data, assets, and operations are protected. Reporting to the VP of IT, this role oversees Security Operations, Governance Risk & Compliance, Cybersecurity Infrastructure & Design, and IT Business Continuity/Disaster Recovery.

The Director develops and maintains security programs, ensuring compliance with regulations and risk management standards. They collaborate with executives to align cybersecurity with business objectives and communicate risks effectively to senior leadership.

This role requires a strategic leader with expertise in cybersecurity, business management, and risk assessment. The ideal candidate is a consensus builder, capable of integrating people, processes, and technology to strengthen the company's security posture.

Key Responsibilities:

Strategic Governance

• Manage the enterprise-wide cybersecurity strategy to align with business goals.
• Provide regular security updates to senior leadership and the Board.
• Lead cybersecurity risk management and ensure cybersecurity is integrated into IT and business processes.
• Manage cybersecurity budget and resource allocation efficiently.
• Oversee security training programs to foster awareness across employees and contractors.
• Build and manage a high-performing cybersecurity team.
• Foster a culture of security awareness and risk-based decision-making.
• Serve as the company's cybersecurity representative for external agencies and industry groups.

Security Operations

• Oversee Security Operations, threat intelligence, and incident response.
• Conduct risk assessments, penetration testing, and security audits.
• Lead the vulnerability management program
• Perform threat hunting to proactively find unknown/ advanced threats in the network

Governance, Risk and Compliance

• Lead internal and external security audits and drive continuous compliance improvements.
• Maintain cybersecurity certifications (ISO 27001, SOC 2).
• Ensure adherence to cybersecurity regulations (CMMC, NIST 800-171, GDPR, ITAR).
• Maintain security policies and frameworks (NIST, ISO 27001, etc.) to ensure compliance with regulations (CMMC, GDPR, ITAR).
• Collaborate with vendors and partners to enforce cybersecurity requirements.

Cybersecurity Infrastructure & Design

• Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, ensuring that cybersecurity is built in by design
• Secure critical data, intellectual property, and enterprise systems.
• Strengthen cloud security and protect job site digital assets.
• Define cybersecurity controls for IT infrastructure.

IT Business Continuity & Disaster Recovery

• Oversee a comprehensive Business Continuity Plan and Disaster Recovery strategy to ensure organizational resilience and protect critical systems and data.
• Collaborate with departments to develop, document, and test continuity plans.
• Establish recovery objectives (RTOs/RPOs) and ensure robust DR capabilities.
• Ensure DR plans align with cybersecurity, cloud computing, and data protection best practices.
• Monitor and assess emerging risks that could impact business operations.
• Lead crisis management efforts during real-world incidents, ensuring timely communication and coordination.

Qualifications

Required:

• Bachelor's degree in computer science, engineering, business or related field from accredited program and 14 years related professional experience, including 7 years managing teams required.
• Expert knowledge of technology and the application of technology in business.
• Proven ability to develop business and establish relationships with clients.
• Strong analytical and problem-solving skills.
• Demonstrated success in project management.
• Strong collaboration, organization, and problem-solving skills.
• Ability to thoughtfully and positively influence, lead and manage.
• Excellent planning and analytical skills.
• Excellent oral and written communication skills; strong interpersonal skills; and the ability to clearly and effectively present complex information to all levels of employees, management, and clients.

Strongly preferred:

• 15 years of progressive experience in cybersecurity, including leadership roles.
• Expertise in enterprise cybersecurity, cloud security (AWS, Azure, Google), and risk management.
• Strong knowledge of cybersecurity frameworks (NIST, ISO 27001) and regulatory compliance (CMMC, ITAR, GDPR, SEC rules).
• Experience with cyber threat intelligence, incident response, and security operations.
• Proven ability to collaborate with executive leadership and technical teams.

This job posting will remain open a minimum of 72 hours and on an ongoing basis until filled

EEO/Minorities/Females/Disabled/Veterans

Job Information Technology

Primary Location US-MO-Kansas City

Schedule: Full-time

Travel: Yes, 25 % of the Time

Req ID: 250698

Job Hire Type Experienced #LI-SS #COR