Director, Information Security and Technology

Who We Are

ghSMART is a premier leadership advisory firm trusted by CEOs, boards, and investors to solve their most critical leadership and talent decisions. For more than 30 years, we’ve partnered with many of the world’s most influential leaders and organizations to build winning leadership teams and amplify positive impact. Recognized for excellence, ghSMART consistently earns top rankings in industry surveys (e.g., Vault Consulting awards) and is featured in Forbes’ list of America’s Best Management Consulting Firms. Our culture is entrepreneurial and collaborative, with a strong focus on innovation and client success. Our team is made up of nearly 200 extraordinary individuals across the U.S., Europe, and APAC, who become trusted advisors to these leaders, helping amplify their positive impact on the world. We advise on the art and science of building winning leadership teams, doing meaningful work every day.

What You’ll Do

In this role, you will have primary responsibility for enterprise information security and for leading the information strategy, operations, and culture that keep ghSMART’s digital environment safe, resilient, and scalable. You will serve as the internal subject matter expert responsible for designing and executing the firm’s information security roadmap, managing critical vendor relationships including our external Security Operations Center, and ensuring our security practices align with relevant standards.

Beyond security, you will oversee ghSMART’s Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management. You will lead a high‑performing IT Support team that delivers responsive, reliable service to employees across the firm, while owning the full lifecycle of hardware, digital infrastructure, and employee onboarding, and offboarding. You will also take primary ownership of technology budgeting and cost management across all IT functions.

Responsibilities

• Lead ghSMART’s enterprise information security program as the firm’s internal expert, driving strategy, operations, and continuous improvement.
• Develop, align, and execute the firm’s information security roadmap in partnership with key stakeholders, ensuring alignment with business priorities and risk tolerance.
• Define, implement, and continuously improve information security policies, standards, controls, and incident response practices, with a goal of aligning to a framework such as the ISO 27001.
• Manage key security vendor relationships, including the external SOC, balancing impact, risk, and budget.
• Foster a strong culture of security awareness across the firm and provide effective change management as security practices evolve.
• Oversee ghSMART’s Azure environment and enterprise Microsoft ecosystem, including Microsoft 365, Entra ID, and Windows endpoint management, ensuring secure and scalable systems.
• Lead, develop, and scale a high-performing IT Support team, setting standards for service excellence, reliability, and security while ensuring highly responsive support for all employees.
• Own the end‑to‑end lifecycle of IT hardware and digital infrastructure, including provisioning, employee onboarding, offboarding, and device management.
• Own and oversee all technology spend, including software, hardware, and outsourced services, ensuring responsible budgeting and cost management.

You Bring

• A bachelor’s degree in information security, information technology, computer science, or a related field, or equivalent experience.
• 8–10+ years of experience in enterprise IT, information security, or technology leadership roles.
• Strong technical foundation across enterprise IT environments, including Microsoft 365, Entra ID, Windows endpoint management, cloud infrastructure, and modern security operations.
• Deep expertise in information security governance, risk management, compliance frameworks, and security operations.
• Experience defining and implementing security policies, controls, and incident response processes; experience building or maturing an information security program from the ground up is a plus.
• Proven experience leading and managing IT and cybersecurity teams.
• Strong vendor and stakeholder management skills, particularly with security partners and cross‑functional leaders.
• Demonstrated ability to lead through influence, drive firmwide change management, and clearly communicate complex technical and security concepts to non‑technical stakeholders.

Why join ghSMART?

Meaningful Impact Everyday: We believe leadership is the greatest force for good. At ghSMART, whether you're guiding the world’s top leaders or helping power the firm from within, you play a vital role in solving our clients’ greatest challenge: building and developing talented, diverse teams that fuel lasting success. Together, we help leaders amplify their positive impact—on their organizations, their people, and the world.

Exceptional team, grounded in generosity: We have a team of extraordinary people united by excellence, humility, and a shared purpose. You’ll collaborate with brilliant colleagues who challenge and support you. Here, exceptional talent meets deep respect—where people show up with heart, and everyone has a place.

Freedom to Shape a Career with Purpose: You have the power to shape a career that aligns with your purpose—doing meaningful work that drives impact for the world’s top leaders. You’ll help solve challenges that matter while being supported by brilliant colleagues and trusted with the flexibility you need to recharge, perform at your best, and grow for the long term.

Have your voice and talents recognized. We are a flat organization that values proactivity and ability over bureaucracy and tenure. All our decisions and actions are guided by our Values and Credo - to help leaders amplify their positive impact on the world.

We are ranked #1 or #2 in 10 Consulting categories by Vault. See what others think about working at ghSMART on Glassdoor.

Compensation

Certain US jurisdictions require ghSMART to include a reasonable estimate of the salary range for this role. We are built on a culture of freedom and flexibility, we operate fully remotely, and our team members balance deeply energizing, high intensity work, with flexible schedules to support life outside of work. Our compensation model reflects these values. Compensation for this role in the United States includes base salary, annual discretionary performance bonus, 401(k) plan with an annual employer contribution, and a comprehensive benefits package. You should reasonably expect a base salary of $180,000 - $190,000. In addition, we offer an annual discretionary performance bonus.

Key skills/competency

• Information Security Management
• Azure Cloud Environment
• Microsoft 365 Ecosystem
• Entra ID
• Windows Endpoint Management
• IT Support Leadership
• Security Operations Center (SOC)
• ISO 27001
• Risk Management and Compliance
• Technology Budgeting