Director, Security & Information

JOB SUMMARY

As we continue to grow, we are seeking a strategic Director of Security and Information to lead our cybersecurity efforts, ensure regulatory compliance, and oversee cloud infrastructure operations.

Key Responsibilities:

• Security Leadership :
• Develop and implement a comprehensive cybersecurity strategy to protect iTrade Network’s digital assets.
• Establish governance practices, policies, and procedures that integrate cybersecurity into enterprise risk management​.
• Conduct regular security audits, vulnerability assessments, and manage incident response plans.
• Ensure compliance with SOC 2, GDPR, CCPA, and other relevant industry regulations.
• Oversee and manage security incidents, breaches, and data loss prevention.
• Foster a security-first culture through regular employee training and awareness programs.
• Compliance & Cloud Leadership :
• Ensure regulatory compliance by managing internal controls and conducting regular audits.
• Oversee the design and security of cloud infrastructure (preferably GCP), focusing on scalability and cost efficiency.
• Implement cloud governance, disaster recovery, and business continuity plans.
• Collaborate with legal and regulatory teams to stay up-to-date on emerging data protection laws.
• Optimize and secure cloud-based services to meet both security and compliance requirements.
• Security Awareness and Training:
• Develop and implement security awareness training programs for employees at all levels​​.
• Ensure that all staff and third-party partners are aware of their cybersecurity roles and responsibilities​.

What you’ll need:

• 5-7 years of experience in cybersecurity leadership, compliance, and cloud infrastructure management.
• Bachelor's degree in a STEM or related field.
• Proven experience with security tools (SIEM, IDS/IPS, encryption) and incident response.
• Strong understanding of SOC 2, GDPR, CCPA, and cloud security best practices.
• Experience managing cloud environments (preferably GCP) and implementing governance policies.
• Excellent communication skills for explaining risks and strategies to technical and non-technical stakeholders.
• Strong project and team leadership skills, with the ability to manage cross-functional initiatives.

Nice-to-Have Requirements:

• Relevant certifications such as CISSP, CISM, CISA, or GCP Certified Security.
• Proven experience in some level of software development.
• Experience in the food supply chain industry or other heavily regulated industries.
• Familiarity with automation and DevSecOps practices.
• Advanced degree (e.g., Master’s in IT, Cybersecurity, or Business Administration).
• Knowledge of additional privacy regulations beyond SOC 2, CCPA and GDPR (e.g., HIPAA).
• Experience leading digital transformation initiatives and cloud modernization efforts.

If you are a highly motivated and results-driven individual, with a passion for driving growth in a fast-paced, entrepreneurial environment,  we encourage you to apply for this exciting opportunity. We offer a competitive salary, comprehensive benefits package, and a dynamic work culture that values collaboration, innovation, and personal development.

This is a hybrid position, candidates must be located in the Bay Area, CA; Charlotte, NC; Denver, Colorado; and Atlanta, Georgia