Director of IT Governance

Position Summary:

The Director of IT Governance and Controls is responsible for overseeing and managing the IT governance and controls functions within Pax8. This role involves ensuring that the company adheres to regulatory requirements develops policies and standards and implements and assesses the IT controls environment. The Director will lead IT governance activities including audit activities assess risk management processes and implement security compliance programs to mitigate potential risks.

Essential Responsibilities:

• Develop and maintain security compliance policies standards and procedures in collaboration with key stakeholders (i.e. Legal Compliance HR IT etc.)

• IT Controls expertise including framework knowledge implementation and assessment of effectiveness. SCF experience is desireable.

• Oversee regular security assessments to ensure compliance with laws and regulations:

  • ISO 27001 recertification

  • SOC2 Type 2 annual assessment

  • PCI annual attestation

  • HIPAA annual compliance

  • Cyber Essentials – UK

  • Microsoft Supplier Data Protection Requirements (SSPA)

• Identify and address security compliance issues and risks.

• Collaborate with other departments to ensure a cohesive approach to implementing security policies standards and controls.

• Develop key metrics and report on effectiveness of policies standards and controls to senior management and regulatory bodies.

Ideal Skills Experience and Competencies:

• Extensive experience in security compliance risk management or a related field.

• In-depth understanding of the industry-specific regulations and standards.

• Strong understanding of security best practices and frameworks (e.g. ISO 27001:2022 SOC2 SCF).

• Experience in managing security compliance projects from initiation to completion.

• Proven track record of ensuring adherence to regulatory requirements and internal policies.

• At least ten (10) or more years of experience in security compliance IT Audit or related experience.

• Understanding of public cloud deployments and associated security risks and controls.

• Experience working in a Zero Trust focused security program.

• Excellent communication interpersonal and leadership skills.

• Strong sense of ethics and integrity in decision-making.

• Ability to work effectively with various departments and stakeholders.

• Competence in providing training and development on security compliance matters to staff.

• Proficiency in preparing and presenting security compliance reports to senior management and regulatory bodies.

Required Behaviors:

• Compassionate Candour—We aim to assist others with candid actionable feedback.

• Seek to Understand—Be open curious and committed to learning.

• We Before Me—Actively collaborate and seek out diverse perspectives to ensure a win for Team Pax8.

• Do What You Say—Take ownership and honor your commitments; prioritize and deliver.

• Light Up Learning—Be brave and try new ideas; be vulnerable and share your failures so everyone can learn from our mistakes.

• Driven by Passion—Connects personal passion to Pax8 mission resilient in face of adversity and uncertainty in pursuit of mission.

Required Education & Certifications:

• B.A./B.S. in a related field or equivalent work experience

Compensation:

• Qualified candidates can expect a compensation range of $150000 to $190000 or more depending on experience.

Expected Closing Date: 02/07/2025