Director of Information Security and IT

Role OverviewThe Director of Information Security is responsible for establishing and implementing information security strategies, policies, standards, and risk management processes for both our internal operations and SaaS product offerings. This is a full-time position based in our Boston office, with a requirement to work onsite at least three (3) days per week as part of our hybrid work model. This role reports to the Chief Financial Officer.  Key Responsibilities:Lead our enterprise information security strategy and implementation to create a competitive advantage Be our customer-facing security expert for both customers and prospects, including completing RFP responsesDevelop, implement, and monitor our strategic, comprehensive enterprise information security and risk management programComplete our SOC2 certification process and other security certifications, audits, and assessmentsLead the identification, reporting, and response to information security incidents, if any.Responsible for staying abreast of the changing landscape of cybersecurity threats while updating our information security plan as neededWork directly with the business units to facilitate risk assessment and risk management processesPartner with business stakeholders across the company to raise awareness of risk management concernsAssist with the overall business technology planning, providing current knowledge and future vision of technology and systemsDevelop metrics for measuring and improving the effectiveness of the overall information security plan and reporting to the executive team Manage our internal and outsourced IT support function