Director, Information Security

United States - Remote


Apptega is a cloud-based cybersecurity compliance platform purpose-built for security providers looking to offer compliance-as-a-service at scale.

The Director of Information Security is responsible for managing a comprehensive IT and Information Security program for Apptega. This includes Corporate IT and Security Strategy, Security Administration, Policy and Compliance, Risk and Contingency Management, Security Operations, Threat and Vulnerability Management, Incident Management and Response, and Forensics. This role reports directly to the CISO and will aid and provide expertise in matters of security, standards, risk, and compliance.

Essential Functions

Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.

  • Develop, implement, and manage the process for data security, corporate IT strategy and associated architecture. Ensure adequate levels of funding and resources to accomplish associated IT Security annual goals and objectives. 
  • Help keep Apptega data secure from both internal and external threats, malicious software and unauthorized data exposure.
  • Lead information security awareness and training initiatives by maintaining corporate security awareness policies and programs including privacy and data classification, retention and destruction of assets.
  • Ensure the ongoing integration of IT and information security with business strategies and requirements. 
  • Ensure access control, business continuity, incident response and risk management needs of the organization are properly addressed. 
  • Foster a strong collaborative relationship internally across all Apptega departments and leaders to leverage our own subject matter experts to increase our internal and external security posture.
  • Work with and manage vendors, outside consultants, and other third parties to improve IT and information security within the organization. 
  • Formulate and implement an incident response program. This includes developing an incident response team, declaring incidents, coordinating and assisting in the investigation of incidents, forensic and eDiscovery, assisting in the recovery from attacks, coordinating with law enforcement agencies, and developing the post-response control strategy. 
  • Develop, publish, implement and maintain comprehensive company-wide IT and information security plans, policy, guidelines and procedures.
  • Monitor information security trends, understand potential threats, vulnerabilities and control techniques. Educate the executive team on all matters of Corporate IT and data security as the space evolves over time.
  • Define and communicate the organizational direction and policy for Information Security and IT Risk Management, identify operational risks, and perform ongoing risk assessment, reporting, and remediation. This includes working with senior management to identify, define, and confirm the key threats to the information and financial assets of the Company.


  • Bachelor’s Degree in Computer Science, Information Systems, Information Technology, Business or equivalent.  
  • 10+ years of increasing experience in IT Management, Network, Systems Administration and a well-rounded leadership and management background. 
  • CISSP certification or equivalent security certification / accreditation required.  
  • A solid knowledge of all security-related industry standards and frameworks including but not limited to PCI DSS, ISO 27001/2, NIST, OWASP, SANS, COBIT, ITIL, COSO, FISMA, FedRAMP.
  • Proven track record in having successfully established and managed Enterprise Security and IT programs. 
  • Ability to engage and educate different functional areas on business risk management and compliance requirements. 
  • Demonstrated ability to drive change in an organization through communication, influencing and leadership skills.
  • Strong technical and business acumen with a proven track record of being able to work and communicate to technical and non-technical associates. 
  • Excellent leadership and communications skills required. 
  • Team player with a proven track record of working with the legal organization.
  • Self-starter with high energy to meet the needs of a demanding business and IT environment. 


What you get:   


  • Competitive salary and comprehensive benefits package.
  • Opportunities to work on challenging and impactful projects.
  • Mentorship and opportunities for career advancement.
  • A supportive and collaborative workplace culture.
  • Exposure to cutting-edge technologies in the compliance and cybersecurity sector.
  • On-the-job training and professional development opportunities.

Apptega Position Perks: 

  • Base salary plus incentives
  • Unlimited Paid Time Off
  • Medical, Dental & Vision Coverage
  • Retirement Plan (401k with Matching Funds)
  • Training & Development

Tags: CISO CISSP COBIT Compliance Computer Science FedRAMP FISMA Forensics Incident response ISO 27001 ITIL NIST OWASP PCI DSS Privacy Risk assessment Risk management SANS Security strategy Strategy Vulnerabilities Vulnerability management

Perks/benefits: 401(k) matching Career development Competitive pay Health care Unlimited paid time off

Regions: Remote/Anywhere North America
Country: United States