The Director of Security, Compliance and IT is responsible for overseeing and executing Security, Compliance, and Privacy initiatives across globally distributed teams. This role is highly technical and hands-on, requiring deep expertise in security governance, privacy and risk management, and incident response, while also leading strategic planning (30%) to standardize policies, improve operational maturity, and ensure compliance with regulatory frameworks.
The ideal candidate will be an "AI first" leader - staying updated on emerging technologies and identifying opportunities to integrate and accelerate whenever possible for efficiency gains, while ensuring responsible AI governance and compliance frameworks for internal use and within all of our products.
This role is hands-on in a primarily Windows environment. A typical day may include responding to security requests from external stakeholders, collaborating with IT and DevOps on strengthening security controls in our corporate network, updating IAM policies, coordinating penetration testing with vendors, or managing our vulnerability management program.
This position requires off-hours support for critical incidents and system maintenance as needed.
Who is BigTime?
BigTime is the AI-powered professional services platform enabling intelligent decisions and delivering profitable growth. We've proudly been featured on Inc's 500 Fastest Growing Companies in America for 4 years in a row. BigTime Software is the engine behind the greatest firms on the planet, delivering back-office time/budgeting and invoicing to over 2,500 firms worldwide and tracking over $4 billion in billable time each year. Our flagship product is a SaaS-based system that is custom-built for the professional services industry.
BigTime is a PE-backed company, headquartered out of Chicago, with offices in Chicago, Phoenix and Wrocław, Poland! We've proudly been named on 'Crain's Best Places to Work' three years in a row -- if you're motivated to join a hyper growth organization, we're eager to talk to you.
What We Offer:
Competitive salary and bonus.
Company pays 100% of benefits, including medical, dental, vision, disability and life insurance
401k with generous company match
Paid Parental Leave
Hybrid work schedule - In office 3 times a week
Generous time off and paid company holidays
Fresh fruit, snacks, cold brew coffee/tea, soda and sparkling water
Company provided latest technology & software tools
Chicago onsite gym
Key Responsibilities
Cloud and IT Infrastructure
Oversee and enforce AWS security best practices (EC2, ECS, AppRunner, IAM, VPC) and security best practices across our corporate network.
Manage system engineers handling IT helpdesk, endpoint security, Okta, Google Apps, Slack, and other corporate IT operations.
Security & Compliance
Lead all security incidents and investigations, conducting root cause analysis (RCA) and remediation.
Develop and enforce security policies, IAM governance, and vulnerability management strategies.
Maintain and oversee multiple compliance initiatives (SOC 1 and 2), ensuring adherence across globally distributed teams.
Risk management
Own third-party risk management, conducting vendor security reviews.
Maintain a risk register and conduct risk assessments.
Dictate security governance policies across multiple departments to standardize compliance.
Manage third-party penetration testing and remediation of findings across all products.
Collaborate with DevOps and IT to maintain recovery plans to minimize system downtime and data loss.
Help ensure compliance with GDPR, CCPA, DPF and other regulations.
Complete privacy assessments and implement risk mitigation strategies.
Cross-Team Collaboration & Business Impact
Align IT strategies with BigTime's corporate priorities through collaboration with stakeholders.
Serve as the primary contact for client security reviews and RFPs, and assist with contract reviews.
Assist Sales and Customer Success in closing enterprise deals by addressing client security concerns.
Negotiate vendor contracts for a variety of services.
Work with Engineering to secure applications and deployments while maintaining compliance.
Leadership & Team Support
Manage and mentor IT staff to foster a high-performing team, finding efficiencies via AI whenever possible. You "walk the walk" and "talk the talk" with AI acceleration.
Implement and manage AI-driven technology solutions to enhance operational efficiency.
Ensure compliance with industry regulations, including AI governance frameworks.
Mentor and oversee the team handling IT, Security, and Compliance while also assisting with a significant portion of the hands-on work. Collaborate with the development team on securing and bringing DevOps initiatives into production.
Manage responsibilities across AWS, security, compliance audits, privacy initiatives, IT escalations, and DevOps with limited additional resources.
Qualifications & Skills
Required
10+ years of experience across IT, security, DevOps, compliance, and privacy.
Able to be onsite in our Chicago office at least 3 days a week.
CISSP or similar certification preferred.
Strong expertise with Windows-based infrastructure.
Strong expertise in SOC 2, GDPR compliance, NIST, cloud security best practices.
Incident response and root cause analysis expertise.
Experience with AWS security, IAM governance, infrastructure-as-code (Terraform, CDK), and security automation in a primarily Windows environment.
Availability for on-call/off-hours support for critical incidents and system maintenance.
As a Leader, you have experience with these foundational competencies:
Strategic Decision Making; The ability to develop a long-term vision and plan for the organization, and to make decisions that align with that vision. The ability to make tough decisions, often with limited information and in complex situations, and to consider the potential impact of those decisions on the organization. Staying focused on goals.
Innovation & Change Management; The ability to anticipate and navigate change within the organization, and to lead others through transitions. Strong understanding of the need for change in a high-growth environment. The ability to think creatively and to foster a culture of innovation within the organization. Willingness to think outside of the box and try new strategies.
Communication; The ability to communicate effectively with all stakeholders, both verbally and in writing. Ability to adapt communication style to different audiences. Ability to deliver compelling executive-level presentations, including board-level presentations, and storytelling through the utilization of business and data insights.
Emotional Intelligence; The ability to understand and manage one's own emotions and those of others. Ability to use that understanding to build strong relationships and influence others. The ability to empathetically give feedback and execute Radical Candor as needed.
Team Building & Leadership; The ability to build and lead high-performing teams. Ability to develop and coach team members to reach their full potential. The ability to create an environment of collaboration and support on the team and foster a sense of safety. Service leadership skills. Sharing power, putting the needs of others first and helping people develop and perform as highly as possible.
Operational Acumen; Making data-driven decisions. The ability to establish KPIs effectively. Tying operations to numbers. Objectively evaluate team performance using healthy metrics. The ability to understand and manage financial resources effectively and to make sound financial decisions for the organization.
The expected salary for this position ranges from $160,000 - $200,000 annually. The actual salary will be determined on an individualized basis taking into account a wide range of factors including, but not limited to, relevant skills, experience, education, and, where applicable, licenses or certifications held. In addition to base salary and a competitive benefits package, this position may be eligible for additional types of compensation such as bonuses.
Applicants must be authorized to work in the U.S. BigTime Software, Inc. is proud to be an Equal Opportunity Employer. BigTime Software is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, national origin, age, marital status, disability status or protected veteran status, or any other category protected under the law. All employment decisions are solely based on business needs, job requirements, and individual qualifications. We support an inclusive workplace where everyone can excel based on personal merit, qualifications, experience, ability, and job performance.
Your Right to Work - In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.