
Director of IT, Information Security & Compliance
Sciens Logistics LLC, Houston, TX, United States
The Director of IT, Information Security & Compliance will own the end-to-end design, security, and governance of Sciens' global IT environment. This individual will personally build and secure systems, implement NIST-based controls, and prepare the organization for C-TPAT cybersecurity requirements.

You will act as the company's:
- IT Architect
- Security Lead
- Compliance Owner
- Hands-on Systems Engineer
- Trusted Advisor to Executive Leadership

Key responsibilities include:
- Leading implementation of NIST 800-53 or 800-171 controls and closing identified gaps
- Preparing and maintaining C-TPAT cybersecurity documentation and controls
- Designing and enforcing Zero Trust and least-privilege access models
- Owning incident response, disaster recovery, and business continuity planning
- Implementing security awareness training and phishing simulations
- Establishing vendor risk management and third-party security reviews
- Preparing the company for future SOC 2 and ISO 27001 audits
- Secure and manage Microsoft 365 including Entra ID, Intune, Defender, and Purview
- Implement endpoint management and MDM across all devices
- Enforce MFA, conditional access, and SSO
- Secure SharePoint, OneDrive, Teams, and external sharing
- Secure Salesforce, CargoWise, Revenova, and custom TMS platforms
- Implement logging, monitoring, and SIEM using Microsoft Sentinel or similar tools
- Design secure network architecture across offices, VPNs, and cloud services
- Manage backups, data retention, DLP, and asset lifecycle
- Map data flows across TMS, WMS, CRM, finance, and customs systems
- Define data classification and access policies
- Secure APIs and system integrations
- Establish security standards for new SaaS tools and vendors
- Write and maintain IT and security policies
- Create SOPs for onboarding, offboarding, and access reviews
- Lead internal risk assessments and executive reporting
- Act as point of contact for auditors, customers, and regulators
- Build and mentor a small IT and security team over time
- Transition day-to-day support to junior staff or an MSP
- Define and execute an IT roadmap aligned with business growth
- Advise leadership on technology risk and investment decisions

Required experience includes:
- 7-12 years of total IT experience
- 3-5+ years in security, compliance, or infrastructure leadership
- Hands-on experience implementing NIST 800-53 or 800-171
- Experience with C-TPAT cybersecurity requirements or similar regulated frameworks
- Deep experience with Microsoft 365 security stack
- Experience securing SaaS-heavy, remote-first environments
- Experience writing and implementing security policies
- Experience working with auditors, customers, or regulators
- Background in logistics, transportation, warehousing, manufacturing, healthcare, or another regulated industry

Preferred experience includes:
- SOC 2 or ISO 27001 experience
- Logistics, 3PL, freight forwarding, or customs brokerage exposure
- Experience with CargoWise, Salesforce, NetSuite, or Revenova
- Azure or AWS security experience
- SIEM implementation experience
- Prior first security hire or IT transformation role
- Experience supporting global teams

Compensation includes:
- Competitive salary
- End of year bonus
- Clear growth path to VP or CIO
- High visibility executive-facing role

What will make you successful:
- You enjoy building, not just managing
- You are comfortable operating in fast-moving environments
- You balance speed with security
- You communicate clearly with executives and operators
- You take ownership and follow through