Director of Information Technology

About The Position

Requirements

• Education: Bachelor’s Degree in Computer Science, Engineering, Math or related field or equivalent experience required.
• Experience: Minimum of 8 years of hands-on, LAN/WAN operational networking experience.
• Must be able to communicate effectively, have strong interpersonal skills, and good judgment with the ability to work alone or as part of a team. This is not a managerial position.
• Clearance: Must be able to pass a background investigation per local law and regulations; Must be authorized to work in the U.S.
• Must be able to successfully pass a thorough background check. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

Nice To Haves

• (1) CompTIA SEC+ certification (2) Ability to build and deploy computer image, (3) Veteran or Spouse of Veteran, (4) Familiar with developing IT centric project plans, (5) DOD Contractor Experience (6) Foundational AWS Certification, AWS Certification Cloud Practitioner, (7) Certification in Cisco Network Associate, (8) CCNA would also be useful as their legacy environment has a Cisco router and Cisco.

Responsibilities

• Lead the Company’s IT strategy, roadmap, governance, and annual budget in alignment with business objectives and defense contracting requirements.
• Establish, maintain, and enforce IT policies, standards, and operating procedures, including security and compliance-related procedures.
• Manage IT vendors, MSP/MSSP relationships, SaaS providers, and contractors; negotiate contracts and ensure service-level performance.
• Maintain IT asset management and lifecycle controls (procurement, inventory, deployment, licensing, and secure disposition).
• Own administration, configuration, and secure operation of Microsoft 365, including Entra ID (Azure AD), Exchange Online, SharePoint/OneDrive, Teams, Intune, and related security/compliance capabilities.
• Implement and maintain M365 security baselines and access controls, including MFA, Conditional Access, role-based access control, least privilege, privileged access practices, and periodic access reviews.
• Oversee user onboarding/offboarding, account provisioning, and access governance across corporate and program environments, including secure handling requirements where applicable.
• Ensure reliable IT operations for HQ and remote users, including endpoint provisioning, patching, vulnerability remediation, standard device baselines, and escalation support.
• Oversee and support corporate network and on-premises IT systems as applicable (e.g., firewalls, VPN, switching, Wi‑Fi, backups, identity integration, and related infrastructure).
• Perform the role primarily remotely; travel as required to HQ, program sites, or customer locations to support on-premises requirements, deployments, outages, upgrades, audits, and mission-critical needs.
• Lead the Company’s cybersecurity program, including risk management, security architecture, monitoring/alerting (directly and/or via MSSP), and incident response planning and execution.
• Maintain vulnerability management, secure configuration, logging/auditing, change management, and endpoint/email security controls appropriate for a defense contracting environment.
• Serve as the Company’s primary owner for CMMC Level 2 readiness and ongoing compliance for environments handling CUI.
• Maintain and update CMMC/NIST SP 800-171 compliance artifacts and evidence, including SSP, POA\&M, policies/procedures, system boundaries, data flows, network diagrams, and control narratives.
• Coordinate internal assessments, gap analyses, remediation plans, and preparation for C3PAO assessments as required.
• Establish and execute continuous compliance processes, including evidence collection cadence, periodic control validation, and audit readiness.
• Provide routine reporting to executive leadership on IT operations, cybersecurity posture, CMMC Level 2 status, risks, incidents, remediation progress, and resource needs.
• Respond to customer security questionnaires, contractual cybersecurity flow-down requirements, supplier/partner security assessments, and due diligence requests.
• Oversee administration and maintenance of the Company website and related services, including hosting/vendor management, DNS/domain administration, SSL/TLS certificates, uptime monitoring, backups, access control, and security hardening.
• Coordinate website updates and technical support with internal stakeholders and external vendors as applicable.
• Maintain public-facing technical configurations as applicable, including SPF/DKIM/DMARC and domain/email reputation controls.
• Provide IT and security enablement for strategic partners, including secure collaboration configurations, access governance, integrations support, and alignment to Company security/compliance requirements.
• Serve as an IT point-of-contact for strategic partner onboarding/offboarding and operational coordination related to tools, access, and security requirements.
• Periodically support program initiation and ongoing operations by providing interim IT support and coordination required by awarded PWS, including standing up accounts, devices, secure collaboration environments, and operational processes until program-specific IT resources are in place.
• Coordinate with Program Management to ensure IT deliverables, timelines, documentation, and security requirements are met for program execution and transition.
• Establish and maintain business continuity, backup, and disaster recovery plans for critical systems; conduct periodic testing and document results.
• Lead or coordinate incident response activities, including triage, containment, eradication, recovery, root-cause analysis, and post-incident reporting.
• Perform other job-related duties as reasonably assigned to support Company operations, compliance obligations, and program execution.
• Performs related work as assigned