What are the responsibilities and job description for the Director of Information Security position at Vernovis?
Job Title: Director of Information Security
Location: Cincinnati OH - Hybrid
Who We Are
Vernovis is a Total Talent Solutions company that specializes in Technology, Cybersecurity, Finance & Accounting functions. At Vernovis, we help these professionals achieve their career goals, matching them with innovative projects and dynamic direct hire opportunities in Ohio and across the Midwest.
Come Join Us
Vernovis is looking for a Director of Information Security (InfoSec) who can build and mature a modern security program in a Microsoft-centric cloud environment. This individual will partner closely with IT leadership to embed security into identity, cloud, endpoint, and incident response capabilities, while leading the organization through ISO 27001 and advancing a practical Zero Trust roadmap. Successful candidates will have a strong practitioner background in information security, combined with the ability to lead, influence, and collaborate across teams. The ideal candidate understands security tools and architectures deeply, can translate risk into actionable improvements, and drives real security outcomes.
What You'll Do:
Lead the design, implementation, and continuous improvement of our client’s information security program, with a focus on threat prevention, detection, and response across cloud, endpoint, identity, and on-prem environments
Serve as the technical security leader for the organization, partnering closely with IT teams to embed security into Microsoft 365, Azure, Entra ID, Intune, Defender, and related technologies
Develop and execute a practical Zero Trust security roadmap, leveraging identity, device trust, endpoint protection, and continuous monitoring to measurably improve security posture
Oversee incident response preparedness and execution, including incident detection, response coordination, post-incident analysis, and continuous improvement of response capabilities
Lead and mature the ISO 27001 program, translating security standards into operational controls and ensuring alignment between technical security practices and certification requirements
Conduct ongoing risk assessments, threat modeling, and vulnerability analysis to proactively identify and mitigate security risks
Evaluate, recommend, and guide the use of security tools and architectures, ensuring solutions are effective, well-integrated, and aligned to business needs
Lead, mentor, and develop security personnel, building a high-performing security function with strong technical and analytical capabilities
Collaborate with IT leadership and business stakeholders to ensure security initiatives support operational resilience, client requirements, and business objectives
What You'll Have:
Demonstrative career progression in information security advancing into leadership with a deep technical background and the ability to lead security initiatives.
Strong understanding of identity and access management (IAM), cloud security, endpoint protection, incident response, and modern security architecture, including Zero Trust principles
Experience securing Microsoft-based environments, including familiarity with Entra ID (Azure AD), Conditional Access, Intune, Defender, and Microsoft 365 security capabilities
Proven ability to lead incident response efforts, including real-world security events, tabletop exercises, and post-incident improvement initiatives
Demonstrated experience leading ISO 27001 certification and ongoing compliance through practical, technical implementation rather than policy-only approaches
Strong leadership, collaboration, and communication skills, with the ability to influence IT and business leaders and translate security risk into actionable outcomes
Ability to assess and understand security products and technologies, including strengths, limitations, and integration considerations
Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple security initiatives in a fast-paced environment
The Vernovis Difference
Vernovis does not accept inquiries from Corp to Corp recruiting companies. Applicants must be currently authorized to work in the United States on a full-time basis and not violate any immigration or discrimination laws.
Vernovis provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Location: Cincinnati OH - Hybrid
Who We Are
Vernovis is a Total Talent Solutions company that specializes in Technology, Cybersecurity, Finance & Accounting functions. At Vernovis, we help these professionals achieve their career goals, matching them with innovative projects and dynamic direct hire opportunities in Ohio and across the Midwest.
Come Join Us
Vernovis is looking for a Director of Information Security (InfoSec) who can build and mature a modern security program in a Microsoft-centric cloud environment. This individual will partner closely with IT leadership to embed security into identity, cloud, endpoint, and incident response capabilities, while leading the organization through ISO 27001 and advancing a practical Zero Trust roadmap. Successful candidates will have a strong practitioner background in information security, combined with the ability to lead, influence, and collaborate across teams. The ideal candidate understands security tools and architectures deeply, can translate risk into actionable improvements, and drives real security outcomes.
What You'll Do:
Lead the design, implementation, and continuous improvement of our client’s information security program, with a focus on threat prevention, detection, and response across cloud, endpoint, identity, and on-prem environments
Serve as the technical security leader for the organization, partnering closely with IT teams to embed security into Microsoft 365, Azure, Entra ID, Intune, Defender, and related technologies
Develop and execute a practical Zero Trust security roadmap, leveraging identity, device trust, endpoint protection, and continuous monitoring to measurably improve security posture
Oversee incident response preparedness and execution, including incident detection, response coordination, post-incident analysis, and continuous improvement of response capabilities
Lead and mature the ISO 27001 program, translating security standards into operational controls and ensuring alignment between technical security practices and certification requirements
Conduct ongoing risk assessments, threat modeling, and vulnerability analysis to proactively identify and mitigate security risks
Evaluate, recommend, and guide the use of security tools and architectures, ensuring solutions are effective, well-integrated, and aligned to business needs
Lead, mentor, and develop security personnel, building a high-performing security function with strong technical and analytical capabilities
Collaborate with IT leadership and business stakeholders to ensure security initiatives support operational resilience, client requirements, and business objectives
What You'll Have:
Demonstrative career progression in information security advancing into leadership with a deep technical background and the ability to lead security initiatives.
Strong understanding of identity and access management (IAM), cloud security, endpoint protection, incident response, and modern security architecture, including Zero Trust principles
Experience securing Microsoft-based environments, including familiarity with Entra ID (Azure AD), Conditional Access, Intune, Defender, and Microsoft 365 security capabilities
Proven ability to lead incident response efforts, including real-world security events, tabletop exercises, and post-incident improvement initiatives
Demonstrated experience leading ISO 27001 certification and ongoing compliance through practical, technical implementation rather than policy-only approaches
Strong leadership, collaboration, and communication skills, with the ability to influence IT and business leaders and translate security risk into actionable outcomes
Ability to assess and understand security products and technologies, including strengths, limitations, and integration considerations
Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple security initiatives in a fast-paced environment
The Vernovis Difference
Vernovis does not accept inquiries from Corp to Corp recruiting companies. Applicants must be currently authorized to work in the United States on a full-time basis and not violate any immigration or discrimination laws.
Vernovis provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.