Insight Global

Director, Security Operations and IT Governance, Risk & Compliance

Posted: 18 hours ago

Job Description

About this Role: Insight Global is scaling a modern, risk-driven security program to protect our people, data, platforms, and customers across a high-growth professional services firm. We're hiring a hands-on Director to lead both Security Operations and IT GRC, building high-performing teams, maturing processes and controls, and delivering measurable risk reduction that enables the business.

What You'll Do:

Lead & Operate Security Operations
• SOC & Incident Response: Own 24x7 monitoring strategy, playbooks, and SLAs; drive MTTD/MTTR down via SIEM/SOAR use-cases, escalations, and post-incident reviews (PIRs).
• Threat Detection & Hunting: Continuously tune detections, enrich with threat intel, and run proactive hunts tied to IG's attack surface and industry TTPs.
• Vulnerability Management: Direct risk-based scanning, triage, and remediation across endpoints, servers, cloud, and applications; manage the exception/risk acceptance process with clear business justifications.
• Digital Forensics & Investigations: Establish defensible DFIR procedures (imaging, evidence handling, reporting), coordinate with Legal/HR, and guide incident communications.
• Secure SDLC Enablement: Partner with Engineering to embed security in pipelines (SAST/DAST/Secrets/Dependency scanning), threat modeling, and release gates; report on defect density and fix SLAs.

Build & Mature IT GRC
• Policies & Standards: Own the lifecycle (draft, review, approve, publish, train) for security policies, standards, and technical baselines aligned to NIST CSF/800-53, ISO 27001, SOC 2, CMMC, and applicable privacy laws (ex: GDPR/CCPA).
• Audit & Compliance: Orchestrate internal control testing and external assessments; centralize evidence, track findings to closure, and report control effectiveness to leadership and Audit.
• Third-Party Risk Management (TPRM): Run intake, due diligence, questionnaires, continuous monitoring, and risk treatment.
• Awareness & Phishing: Deliver a role-based training program and monthly phishing exercises; publish metrics and targeted remediation paths for repeat offenders.
• Insider Threat: Stand up a cross-functional program (detection rules, escalation, response, and governance) that balances privacy, culture, and compliance requirements.

Lead People, Partners, and Programs
• Team Leadership: Hire, mentor, and develop managers/analysts across SecOps and GRC; set clear goals, career paths, and on-call expectations.
• Vendor & Budget Ownership: Define tool strategy (SIEM/SOAR, EDR, CSPM, CNAPP, IDP/IAM, SAST/DAST, GRC/TPRM platforms), oversee renewals and services partners, and manage the portfolio for value and outcomes.
• Risk & KPI Reporting: Publish an executive dashboard: MTTD/MTTR, patch SLAs, vuln age by criticality, phishing failure rates, control pass rates, audit status, third-party risk posture, and top risks with treatment plans.
• Cross-Functional Partnership: Work tightly with IT, Cloud/Platform, Engineering, Privacy/Legal, Procurement, and HR to align security controls with business objectives and customer commitments.

What Success Looks Like (12 Months):
• Detections that matter: False positives slashed; coverage mapped to MITRE ATT&CK and crown-jewel assets.
• Faster response: MTTR reduced across severities with automated containment for common scenarios.
• Risk-based patching: >95% of critical vulns remediated within SLA; meaningful exception governance.
• Clean audits: No repeat findings; evidence centralized; policy set current and attested.
• Trusted TPRM: All in-scope vendors assessed and monitored; clear risk treatment tied to contracts.
• Security-by-design: Release gates enforced for high-risk apps/services; measurable drop in recurring code defects.
• High-performing team: Clear roles, documented playbooks, healthy on-call, and strong retention.

What You'll Need to Succeed:
• Experience: 10+ years in cybersecurity with 5+ years leading Security Operations and/or IT GRC teams in a fast-paced, cloud-forward environment.
• Leadership: Proven ability to recruit, develop, and inspire managers and ICs; lead through incidents and audits; influence executives with clear, business-first narratives.
• Frameworks & Regulations: Expert with NIST CSF/800-53, ISO 27001, SOC 2, CMMC, SOX ITGCs, and privacy obligations (GDPR/CCPA); practical risk management (likelihood/impact) and control mapping.
• Technology Depth: Hands-on familiarity with SIEM/SOAR (e.g., SumoLogic, Splunk ES or similar), EDR/XDR, identity platforms (e.g., Entra ID/Okta), cloud security (AWS/Azure/GCP), vulnerability tooling (e.g., Qualys/Tenable), code scanning, and GRC/TPRM suites (ex: ServiceNow GRC, Archer, Security Scorecard/BitSight).
• Communication: Exceptional written/verbal skills; crisp incident comms and board-ready reporting.
• Education/Certs (preferred): BS/MS in a relevant field; CISSP, CISM, CISA, GIAC (GCIA/GCIH/GCED/GCFA), CCSP, or comparable.

Other Skills and Abilities:
• Outcome-oriented: Tie initiatives to risk reduction, customer trust, and enablement of growth.
• Builder's mindset: Standardize where it matters, automate relentlessly, document well.
• Collaborative: Meet partners where they are, reduce friction, and earn the right to say "must."
• Ethical & compliant: Balance monitoring with privacy and culture; be audit-ready every day.
