IT Director - Public Sector, Operations

Job Summary:

The Director of IT implements the strategic vision for IT operations, cybersecurity, and compliance within the Public Sector practice at the direction of the Chief Information Officer of BDO USA, P.C. This role ensures operational efficiency, security, and alignment with regulatory requirements while enabling business growth through technology. The Director of IT reports to Chief Information Officer of BDO USA, P.C. and works closely with Practice Leader to establish the Public Sector Vision, IT Strategy, annual roadmaps, and IT budget. 

Job Duties:

• Implements, develops, and maintains strategic plans including IT Vision and strategy, annual IT roadmaps, and budget
• Acquires and manages the necessary resources including leadership support, financial resources, and key security personnel, to support IT security goals and objectives and reduce overall organizational risk
• Architects, deploys, and maintains a Microsoft 365 GCC High tenant, ensuring optimal performance, security, and compliance
• Provides technical leadership and mentorship to IT teams, ensuring best practices for GCC High administration and cybersecurity
• Acquires necessary resources, including financial resources, to conduct an effective business continuity plan
• Advises senior management on cost/benefit analysis of information security programs, policies, processes, systems, and elements
• Advocates for the organization's official position in legal and legislative proceedings
• Communicates the value of IT security throughout all levels of the organization stakeholders
• Interfaces with external organizations (e.g., public affairs, law enforcement, and regulatory agencies) to ensure accurate communication and coordination of cybersecurity awareness and incident response, at the direction of the Chief Information Officer of BDO USA, P.C..
• Leads and aligns IT security priorities with the security strategy
• Monitors and evaluates the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection
• Recommends policies and coordinates review and approval
• Supervises or manages protective or corrective measures when a cybersecurity incident or vulnerability is discovered
• Promotes awareness of security issues among management and ensures sound security principles are reflected in the organization's vision and goals
• Oversees policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies
• Identifies security requirements specific to an IT system in all phases of the system life cycle
• Ensures that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Defines and/or implements policies and procedures to ensure protection of critical infrastructure as appropriate
• Develops policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities
• Coordinates with organizational manpower stakeholders to ensure appropriate allocation and distribution of human capital assets
• Assesses policy needs and collaborates with stakeholders to develop policies to govern cyber activities
• Designs/integrates a cyber strategy that outlines the vision, mission, and goals that align with the organization's strategic plan
• Performs an information security risk assessment
• Participates in long-range, strategic planning efforts with internal and external partners in cyber activities
• Collaborates on cyber privacy and security policies and procedures
• Collaborates with cybersecurity personnel on the security risk assessment process to address privacy compliance and risk mitigation
• Appoints and guides a team of IT security experts
• Collaborates with key stakeholders to establish a cybersecurity risk management program
• Ensures information security management processes are integrated with strategic and operational planning processes
• Ensures that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control
• Other duties as required

Supervisory Responsibilities

• Manages Public Sector IT personnel
• Supervises and assigns work to programmers, designers, technologists and technicians, and other engineering and scientific personnel

Qualifications, Knowledge, Skills and Abilities:

Education:

• High School Diploma or GED, required
• Bachelor’s degree in Information Science, Information Systems, Informatics, preferred
• Master’s degree in Information Science, Information Systems, Informatics, preferred

Experience:

• Five (5) or more years in technology supporting public sector business, required

License/Certifications:

• CISM, CISSP, CASP+, or CISA, preferred

Software:

• Deep understanding of Microsoft 365 GCC High and Azure Government environments, including architecture, security, and compliance requirements, required
• Extensive knowledge of Entra ID (formerly Azure AD), Intune, Microsoft Defender, Sentinel, and Purview within GCC High, required

Language:

• N/A

Other Knowledge, Skills, and Abilities:

• Demonstrated knowledge of Risk management processes (e.g., methods for assessing and mitigating risk)
• Knowledge of how technology needs are translated, tracked, and prioritized across the enterprise
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacyl
• Cybersecurity and privacy principles
• Knowledge of controls related to the use, processing, storage, and transmission of data
• Skill to effectively communicate, plan, and organize, to drive execution and accountability
• Skill to be a self-starter with a sense of responsibility, urgency, and ownership
• Knowledge of cyber threats and vulnerabilities
• Knowledge of specific operational impacts of cybersecurity lapses
• Knowledge of system and application security threats and vulnerabilities
• Knowledge of emerging security issues, risks, and vulnerabilities
• Knowledge of industry technologies’ potential cybersecurity vulnerabilities
• Ability to create policies that reflect system security objectives
• Ability to communicate with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience)
• Ability to anticipate new security threats
• Ability to remain aware of evolving technical infrastructures
• Ability to utilize critical thinking to analyze organizational patterns and relationships
• Ability to exercise judgment when policies are not well-defined
• Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives
• Ability to tailor technical and planning information to a customer’s level of understanding
• Ability to prioritize and allocate cybersecurity resources correctly and efficiently
• Relates strategy, business, and technology in the context of organizational dynamics
• Understands technology, management, and leadership issues related to organization processes and problem solving
• Basic understanding of concepts and issues related to cyber and its organizational impact

Join us at BDO, where you will find more than a career, you’ll find a place where your work is impactful, and you are valued for your individuality. We offer flexibility and opportunities for advancement. Our culture is centered around making meaningful connections, approaching interactions with curiosity, and being true to yourself, all while making a positive difference in the world. 

At BDO, our purpose of helping people thrive every day is at the heart of everything we do. Together, we are focused on delivering exceptional and sustainable outcomes and value for our people, our clients, and our communities. BDO is proud to be an ESOP company, reflecting a culture that puts people first, by sharing financially in our growth in value with our U.S. team.  BDO professionals provide assurance, tax and advisory services for a diverse range of clients across the U.S. and in over 160 countries through our global organization.

BDO is the first large accounting and advisory organization to implement an Employee Stock Ownership Plan (ESOP). A qualified retirement plan, the ESOP offers participants a stake in the firm’s success through beneficial ownership and a unique opportunity to enhance their financial well-being. The ESOP stands as a compelling addition to our comprehensive compensation and Total Rewards benefits* offerings. The annual allocation to the ESOP is fully funded by BDO through investments in company stock and grants employees the chance to grow their wealth over time as their shares vest and grow in value with the firm’s success, with no employee contributions. 

We are committed to delivering exceptional experiences to middle market leaders by sharing insight-driven perspectives, helping companies take business as usual to better than usual. With industry knowledge and experience, a breadth and depth of resources, and unwavering commitment to quality, we pride ourselves on:

• Welcoming diverse perspectives and understanding the experience of our professionals and clients
• Empowering team members to explore their full potential
• Our talented team who brings varying skills, knowledge and experience to proactively help our clients navigate an expanding array of complex challenges and opportunities
• Celebrating ingenuity and innovation to transform our business and help our clients transform theirs
• Focus on resilience and sustainability to positively impact our people, clients, and communities
• BDO Total Rewards that encompass so much more than traditional “benefits.”  Click here to find out more!

*Benefits may be subject to eligibility requirements.

Equal Opportunity Employer, including disability/vets