We are seeking a strategic and experienced Fractional Director of IT (up to 10 hours / week) to lead our internal IT strategy with a strong emphasis on security and compliance. This role focuses on developing IT strategies that align with our business objectives, enhancing operational efficiency, and strengthening our security posture. The ideal candidate will have extensive experience in IT leadership, particularly in security management, AWS cloud services, and familiarity with SOC 2 compliance.
Strategic IT and Security Planning
- Enhance and influence a comprehensive IT strategy that supports Perch's long-term business goals, with a primary focus on security and compliance
- Review security best practices across all IT planning and operations, ensuring alignment with SOC 2 standards
- Identify opportunities for technology-driven improvements and innovations that enhance security and operational efficiency
- Leverage AWS services to optimize our cloud infrastructure for scalability, reliability, and security
Security Governance and Compliance
- Set and enforce security policies, procedures, and standards to ensure data integrity, confidentiality, and compliance with relevant regulations
- Review and advise on robust security measures across systems, data, and applications to protect against threats and vulnerabilities
- Conduct regular security assessments and audits to identify and mitigate risks
AWS Cloud and Infrastructure Management
- Oversee the assessment and enhancement of Perch's AWS cloud infrastructure, ensuring it meets current and future business demands
- Implement best practices for cloud security, including identity and access management, encryption, and network security
- Evaluate and recommend AWS services and tools that can improve operational efficiency and security
Endpoint and Asset Management
- Develop and implement an endpoint management strategy for team hardware, ensuring devices are secure and compliant
- Oversee the asset management and inventory strategy, including hardware acquisition and lifecycle management
- Guide the team in implementing remote deployment and management solutions for devices in a fully remote environment
Collaboration and Leadership
- Work closely with the Director of Engineering to ensure security is integrated into the software development lifecycle and product development processes
- Collaborate with the executive team and department heads to understand technology and security requirements, providing effective solutions
- Provide leadership and guidance to IT staff and cross-functional teams, fostering a culture of security awareness and ownership
IT Service Management (ITSM)
- Define and implement Perch's IT Service Management strategy, aligning IT services with business needs
- Establish IT governance and change control processes as needed
- Define and track health metrics to measure the effectiveness and efficiency of IT services
Process Improvement and Documentation
- Analyze current IT and security processes to identify inefficiencies and vulnerabilities
- Recommend and implement improvements to enhance security, productivity, and reduce costs
- Ensure thorough documentation of IT policies, procedures, and infrastructure configurations
Risk Management and Incident Response
- Develop and maintain an incident response plan to address security breaches and other emergencies promptly
- Improve disaster recovery and business continuity plans to minimize downtime and data loss
Requirements
Education and Experience
- Minimum of 10 years of experience in IT leadership roles with a strong focus on security management and strategic planning
- Proven experience in AWS cloud services, including architecture, deployment, and security
- Demonstrated experience in SOC 2 compliance efforts and familiarity with relevant standards
- Relevant certifications such as CISSP, CISM, AWS Certified Solutions Architect, or similar are highly desirable
Skills and Competencies
- Strategic Thinking: Ability to develop long-term IT and security strategies aligned with business goals
- Security Expertise: Deep understanding of cybersecurity principles, threats, vulnerabilities, and mitigation strategies
- AWS Proficiency: Strong knowledge of AWS services and best practices for cloud infrastructure and security
- Leadership: Proven ability to lead and motivate cross-functional teams, fostering a culture of ownership and continuous improvement
- Communication: Excellent verbal and written communication skills; adept at conveying complex technical and security concepts to non-technical stakeholders
- Problem-Solving: Strong analytical skills with a solutions-oriented mindset
- Ownership: Demonstrated sense of responsibility and accountability for projects and outcomes
- Collaboration: Ability to work effectively with diverse teams and stakeholders
Personal Attributes
- Solution-Oriented: Proactive in identifying challenges and implementing effective solutions
- Strong Communicator: Able to articulate ideas clearly and build consensus
- Adaptable: Comfortable working in a fast-paced, dynamic, and fully remote environment
Innovative: Open to new ideas and encourages creative approaches to problem-solving.
Benefits
- Competitive salary and benefits package
- Flexible working hours and remote work options
- Opportunity to work with a passionate and talented team
- Chance to contribute to the growth and success of an innovative technology company
