Demo

Director, Information Security & IT

Kaseware, Inc.
Denver, CO Full Time
POSTED ON 5/1/2026
AVAILABLE BEFORE 7/1/2026
Location: Denver, Colorado. This is a hybrid role in which employees are expected to work 3 days in-office and 2 days at home.

Do you love building the security and IT foundations that mission-critical software runs on, and do you want to know that your work helps keep communities safer? Kaseware builds case management and investigations software trusted by law enforcement, government, and corporate security teams. The trust those customers place in us – and our continued ability to operate in the most demanding compliance environments – depends on a strong information security and IT foundation. That is where you come in.

We are looking for a Director of Information Security & IT to lead Kaseware’s combined security, compliance, and enterprise IT functions. Reporting to the VP of Product & Technology, you will be the designated Information Security Officer (ISO) for the company and accountable for the controls, audits, and continuous monitoring that keep us authorized to serve our customers. You will lead a small but dynamic team and own the day-to-day health of our enterprise IT environment endpoints, identity, Microsoft 365, and the corporate network, alongside the security and compliance program.

Job Type: Full-time, Exempt

Responsibilities and Duties:

Information Security Officer (ISO) Role:

  • Serve as the named Information Security Officer (ISO), with delegated authority for control implementation, evidence collection, and ongoing attestation
  • Partner with the executive team on overall security strategy, risk posture, and executive reporting to the leadership team

Compliance & Audit Program:

  • Own the compliance program for Kaseware’s active certifications and pursuits, including but not limited to:
  • FedRAMP
  • SOC 2 Type II
  • ISO/IEC 27001
  • State and federal CJIS
  • StateRAMP and TxRAMP
    • Manage 3PAO and external auditor engagements end to end; planning, evidence collection, walkthroughs, findings, and remediation tracking
    • Maintain the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and continuous monitoring artifacts
    • Author and maintain company security policies, standards, and procedures; perform technical writing as needed
    • Review customer contracts, RFP responses, and partner agreements for compliance and security obligations

    Enterprise IT:

    • Lead enterprise IT operations across endpoint management (Mac and Windows, MDM, patching, lifecycle), identity and access management (Entra ID, SSO, SCIM, joiner/mover/leaver), Microsoft 365, and the corporate network
    • Own employee onboarding and offboarding, IT support, and SaaS administration for the corporate environment
    • Drive secure-by-default IT engineering – configuration baselines, vulnerability management, asset and license management, and access governance – in alignment with FedRAMP, CJIS, and ISO 27001 control requirements

    Risk & Incident Response:

    • Own the security incident response program – playbooks, tabletop exercises, communications, and post-incident review – for both security events and compliance violations
    • Coordinate cross-functional response during security incidents, breaches, and compliance escalations; document outcomes and report to leadership and regulatory bodies as required
    • Use lessons learned from incidents to evolve policies, controls, and tooling; integrate findings into continuous monitoring and the POA&M
    • Partner with Engineering on application security findings (penetration tests, SAST/DAST, container scans) where corporate or compliance reporting is required; AppSec ownership remains with Engineering

    Team Leadership:

    • Lead, mentor, and develop a four-person team
    • Recruit and onboard new team members as the program grows; conduct performance reviews and career development planning
    • Lead company-wide security awareness, new-hire training, and role-specific training programs
    • Present compliance posture, audit results, and risk findings to executive leadership and, where appropriate, customers and regulators
    • Support the Sales team on customer-facing security and compliance requirements in RFPs, security questionnaires, and customer audits

    Required Education:

    • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Engineering, or a related field, or equivalent professional experience.

    Required Skills & Experience:

    • 10 years of progressive experience in information security, IT, or compliance roles, with at least 4 years in a leadership role managing people
    • Demonstrated experience as a named ISO, security lead, or equivalent on a FedRAMP package
    • CISSP required (CISM or CISA accepted as equivalent); CCEP, CRISC, or comparable compliance/risk certifications are a plus
    • Hands-on experience implementing and operating control frameworks: NIST SP 800-53 R5, FedRAMP, DoD IL5, SOC 2, ISO 27001:2022, ISO 27701, and CJIS
    • Working knowledge of StateRAMP, TxRAMP, CMMC, GDPR, and U.S. state privacy laws (CCPA/CPRA), with the ability to build a program that addresses applicable obligations across multiple frameworks
    • Enterprise IT leadership experience – endpoint management (Windows and Mac, MDM tooling such as Intune or Jamf), identity (Microsoft Entra ID, SSO/SCIM/MFA), Microsoft 365 administration, and corporate networking
    • Vulnerability management experience – running scan programs, triaging findings, maintaining a POA&M, and partnering with engineering teams on remediation
    • Strong vendor and customer-facing skills , supporting RFPs, security questionnaires, customer audits, and external auditor engagements
    • Excellent written and verbal communication; strong technical writing skills with a track record of authoring policies, procedures, and audit documentation
    • Working knowledge of software development practices and the security implications of cloud-native architectures (Azure preferred)
    • Self-starter who can operate without close supervision; strong attention to detail and judgment under pressure
    • Other duties as needed.

    Other Requirements:

    • Language: English
    • Citizenship: U.S. citizenship is required for this role due to FedRAMP and DoD environment access
    • Clearance: Eligibility to obtain a DoD Secret clearance is required; an active Secret clearance is preferred

    Benefits:

    • Salary Range: $185,000 – $225,000 annually DOE
    • Excellent health, dental, and vision insurance with generous company contribution
    • Flex Spending Accounts
    • Unlimited paid vacation
    • 12 paid company holidays
    • Paid Sick Time
    • Paid Parental Leave
    • 401k with company matching
    • EcoPass provided for Colorado-based employees

    About Kaseware:

    Kaseware is a rapidly growing start-up located in the Denver metro area. We build state-of-the-art software for law enforcement and corporate security customers. We serve those that serve our communities and make our world safer.


    Due to the nature of our business, you must be able to pass a full CJIS compliant fingerprint based background check, which is required for individuals needing access to criminal justice information (CJI).

    We expect this role to be open until June 30th or until filled.

    Salary : $185 - $225

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Director, Information Security & IT?

    Sign up to receive alerts about other jobs on the Director, Information Security & IT career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $208,896 - $274,954
    Income Estimation: 
    $250,952 - $333,704
    Income Estimation: 
    $148,382 - $214,197
    Income Estimation: 
    $178,760 - $261,217
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Kaseware, Inc.

    Senior Release Engineer (CI/CD)
    Apply
    • Kaseware, Inc. Denver, CO
    • Job Title: Senior Release Engineer (CI/CD)Location: Denver, Colorado. This is a hybrid role in which employees are expected to work 3 days in-office and 2 ... more
    • 9 Days Ago
    Senior Database Administrator
    Apply
    • Kaseware, Inc. Denver, CO
    • Job Title: Senior Database Administrator (Metabase/PostgreSQL/Azure) Location: Denver, Colorado. This is a hybrid role in which employees are expected to w... more
    • 12 Days Ago
    Associate Software Engineer
    Apply
    • Kaseware, Inc. Denver, CO
    • Location: Denver, Colorado/Hybrid Denver-based candidates are expected to work in a hybrid model (3 days in the office and 2 days from home) Do you love te... more
    • 15 Days Ago
    View More Jobs at Kaseware, Inc.

    Not the job you're looking for? Here are some other Director, Information Security & IT jobs in the Denver, CO area that may be a better fit.

    Quantinuum- Director of Information Security
    Apply
    • honeywell2-pilot Broomfield, CO
    • Science Led and Enterprise Driven. Our team of scientists is leading the way in the development of quantum computing. The world’s largest integrated quantu... more
    • 1 Month Ago
    IT Professional III Information Systems Security Officer
    Apply
    • nrel Boulder, CO
    • Posting Title IT Professional III Information Systems Security Officer . Location CO - Golden . Position Type Regular . Hours Per Week 40 . Working at NLR ... more
    • 4 Days Ago
    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!