Director, IT & Security

At LegitScript, we are passionate about making the internet and payment ecosystems safer and more transparent. We help companies of all sizes keep their services legal and safe for consumers. To do this, LegitScript combines big data with the world’s leading team of experts skilled in highly regulated and complex sectors, including transaction laundering detection, pharmaceuticals, online gambling, and more.

The result? Unmatched accuracy and deep risk analysis that identifies which commercial entities play by the rules, and which do not. Our diverse industry partnerships provide unique insights that keep businesses and governments at the forefront of emerging trends. That’s why LegitScript is trusted by the world's largest search engines, internet platforms, payment companies, and regulatory agencies.

Overview:

The Director of IT and Security is responsible for leading the internal technology and information security functions at LegitScript. This role oversees the infrastructure, tools, and policies that enable a secure, scalable, and high-performing workplace for a distributed team. Reporting to the Chief Technology Officer (CTO), the Director will ensure reliable IT operations, drive internal security initiatives, and align security controls with the company’s SOC 2 compliance program. The role also partners closely with the VP of Risk and Compliance to ensure cross-functional alignment on governance, audits, and third-party risk.

What You'll Do:

Internal IT & Infrastructure

• Oversee all internal IT operations: endpoint management, SaaS administration, device lifecycle, access provisioning, and support
• Design scalable and secure systems to support a distributed, hybrid workforce
• Manage help desk and IT support operations with a focus on reliability and user experience
• Lead IT vendor management, software licensing, budget planning, and tool evaluation

Security Operations

• Own the design, implementation, and maintenance of security controls aligned with SOC 2 requirements and industry best practices
• Lead incident response and vulnerability management processes; coordinate testing, remediation, and communication
• Collaborate with Engineering and DevOps to integrate security into development and infrastructure workflows
• Maintain security policies, technical standards, and employee security awareness training

Cross-Functional Collaboration

• Partner closely with the VP of Risk & Compliance on audit readiness, policy development, and third-party risk management
• Work with People, Finance, Legal, and other teams to ensure efficient onboarding/offboarding, secure systems access, and compliance reporting
• Support security reviews and infrastructure planning for new products, vendors, or organizational changes

Leadership & Reporting

• Build and mentor a small but high-performing team across IT and security disciplines
• Define and track KPIs for IT performance, ticket response, system uptime, and security posture
• Provide regular reporting to the CTO and executive leadership on system health, risk exposure, and operational maturity

What You'll Bring:

• 8–10+ years of progressive experience in IT, security, or infrastructure roles; prior leadership experience required
• Deep knowledge of IT systems in a cloud-native environment (e.g., Google Workspace, Okta, MDM tools, SSO, VPNs)
• Practical experience with SOC 2 controls and related security frameworks (e.g., NIST CSF, CIS Controls)
• Project management experience
• Strong problem-solving skills and ability to work cross-functionally at all levels
• Experience scaling IT and security functions in a growing SaaS or tech company
• Excellent communication skills, particularly with non-technical stakeholders
• Relevant certifications (e.g., CISSP, CISM, CCSP, PMP) are a plus but not required

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice.

Please note that visa sponsorship is not available for this position. We cannot support international remote work.

In addition to competitive salaries, full-time employees enjoy a great benefits package:

• Multiple Medical plans (one with $0 employee premium option), Dental & Vision plans
• 401k with company match and immediate vesting
• Generous paid time off package and 11 paid holidays
• And much more!

If you got to this point, we hope you're feeling excited about the job description you just read. Even if you don't feel that you meet every single requirement, we still encourage you to apply. We're eager to meet people that believe in LegitScript’s mission and can contribute to our team in a variety of ways.

**We do not accept unsolicited applications from third-party recruiters or agencies for this job posting. Any candidate submission without a prior agreement will be considered the property of our company, and we will not be responsible for any fees or obligations related to such submissions. We encourage interested candidates to apply directly through our official channels.**