IT and Security Director

- Direct and manage third-party vendors to meet company standards - Supervise daily IT operations, guaranteeing dependable technology support across all departments - Ensure adherence to SOPs that support SOC 2 and HIPAA compliance - Cultivate a proactive, service-focused, and security-aware culture throughout the organization - Oversee the maintenance, security, and scalability of our AWS cloud environment - Manage architecture, backups, storage, and access for cloud resources - Ensure the reliable operation of servers, virtual machines, and internal applications - Collaborate with Engineering and Product teams for deployments and DevOps processes - Identify and implement infrastructure enhancements for stability and performance - Act as a go-to for resolving complex technical issues - Maintain our information-security framework, ensuring full SOC 2 and HIPAA compliance - Collaborate with auditors for documentation, evidence collection, and remediation - Maintain data protection policies, encryption standards, and secure transmission practices - Oversee user-access management and multi-factor authentication compliance - Conduct regular risk assessments, vulnerability scans, and penetration tests - Manage incident response, breach notifications, and disaster recovery in compliance with HIPAA - Train employees on data handling, privacy, and security best practices - Monitor and resolve IT support tickets to provide prompt, effective user assistance - Manage hardware inventory, software licensing, and system provisioning - Ensure seamless operation of networks, printers, and office connectivity - Establish standards for workstation setup, patching, and security updates - Facilitate proper onboarding/offboarding with access management and data revocation - Execute IT-related projects, upgrades, and integrations - Manage vendor relationships for technology services, hardware, and security tools - Assess emerging technologies that increase reliability, compliance, and automation - Collaborate with other department heads to align IT and security strategies with business objectives - Maintain business continuity and disaster recovery readiness through documented plans