Director Information Security and Technology

Job Description

Company Description

Founded in 2021, Revalize empowers manufacturing businesses to better design, model, develop, and sell—powering greater outcomes across the entire manufacturing value chain. Revalize leads with an AI-forward mindset—using technology as a catalyst, not a compass. We value initiative and adaptability and seek professionals who embrace AI-driven innovation to drive business results in a rapidly evolving market.

We’re shaping the future of manufacturing technology with industry-leading CPQ, PLM, and design solutions that transform data into opportunity and accelerate the journey from idea to cash.

Revalize serves more than 16,000 global customers and is a portfolio company of TA Associates and Hg.

Job Description

The Director of Information Security and IT Operations will serve as a strategic leader responsible for safeguarding the organization’s digital assets while ensuring the reliability, scalability, and efficiency of its IT infrastructure.

This role combines oversight of enterprise-wide information security programs with the management of core IT operations, including networks, servers, cloud environments, and end-user devices. The Director will design and implement security frameworks, risk management strategies, and compliance initiatives while driving modernization of IT systems to support a global SaaS business model.

Key responsibilities include embedding security into the software development lifecycle, managing incident response, and ensuring business continuity, while also optimizing IT service delivery, network performance, and device lifecycle management. The role requires close collaboration with engineering, product, and business teams to align technology initiatives with organizational goals.

Additionally, the Director will champion the secure and responsible adoption of AI and emerging technologies, balancing innovation with risk mitigation.

Success in this position demands a blend of visionary leadership, technical expertise, and the ability to influence stakeholders at all levels to achieve operational excellence and robust security posture.

Key Responsibilities:

• Manage and influence both physical and cyber security risk to protect the company, its customers, and stakeholders from operational, financial, and reputational harm.
• Support the development and execution of the company’s information security strategy, ensuring alignment with business objectives and risk appetite.
• Implement and maintain security governance processes, policies, and standards across the organization, ensuring compliance with applicable regulations and frameworks.
• Contribute to the secure and responsible adoption of AI technologies within the organization and in AI-enabled products.
• Oversee day-to-day security operations, including monitoring, incident response, and vulnerability management, to minimize risk and impact.
• Partner with IT, Engineering, and Product teams to embed security into the software development lifecycle (secure-by-design, testing, and vulnerability remediation).
• Assist in defining and improving cloud and SaaS security practices, including identity and access management, encryption, and monitoring.
• Manage third-party security risk assessments and ensure appropriate controls are in place for vendors and partners.
• Drive security awareness and training programs to promote a culture of security across the organization.
• Provide regular reporting on security posture, incidents, and risk metrics to senior leadership.
• Manage global technology device onboarding, refresh, and return processes; determine hardware needs for employee base; ensure assets are tracked and maintained
• Ensure internal IT networks are stable and functioning properly; address office issues when they arise, keep technology up to date and make recommendations for upgrades as technology and needs change
• Lead global IT Support function to ensure hardware and software problems are addressed timely and comprehensively.  Maintain service level agreements for response and resolution timeframes.

Qualifications

Requirements / Minimum Qualifications:

• Education: Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Experience: Minimum of 8–10 years in information security roles, with at least 3 years in a leadership or management capacity.
• Strong knowledge of cybersecurity frameworks (e.g., ISO 27001, SOC 2) and familiarity with NIST CSF or equivalent.
• Proven experience developing and implementing security policies, standards, and procedures in a SaaS or software-driven environment.
• Hands-on experience with application and product security, including secure SDLC and DevSecOps practices.
• Solid understanding of cloud security principles and SaaS operations (identity and access management, encryption, monitoring).
• Demonstrated ability to manage incident response and vulnerability management programs effectively.
• Excellent communication and interpersonal skills, with the ability to convey security concepts to technical and non-technical audiences.
• High level of integrity, sound judgment, and ability to handle confidential information appropriately.

Preferences / Nice-to-Haves:

• Master’s degree in Information Security, Cybersecurity, or a related field.
• Professional certifications such as CISSP, CISM, or CISA.
• Proficiency with German language
• Experience in a global SaaS organization or software company serving the manufacturing technology industry.
• Familiarity with AI security risks and governance for AI-enabled products and services.
• Experience implementing DevSecOps practices and security automation in CI/CD pipelines.
• Knowledge of third-party risk management and supplier security assurance processes.
• Strong background in cloud-native security architectures (AWS, Azure, or GCP).
• Experience with regulatory compliance in multiple jurisdictions (e.g., GDPR, SOC 2, ISO 27001).
• Understanding of global IT function including asset management, network management, and associated support and refresh processes

Additional Information

Revalize designates standard working hours as 8:00 am to 5:00 pm Eastern Time (ET) for employees based in the United States and 08:00 to 17:00 Central European Time (CET) for employees operating within the EMEA region.

Revalize is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Revalize participates in the E-Verify program in certain locations, as required by law.

The compensation offered to the successful candidate will be based on a variety of factors, including but not limited to, the candidate’s work experience, education and licenses, work-related training, key skills, the core duties of the role and its associated responsibilities, additional benefits offered, and the location where the work will be performed. All fulltime (30+ hours) employees are eligible for PTO, Sick and Parental Leave; Medical, Dental, and Vision Insurance; 401(k) Plan; Health Savings Account; Life Insurance; Employee Assistance Program.

This is a full-time, bonus eligible position.  Base Salary is one part of our competitive total compensation and benefits package and is determined using a range. The listed compensation range represents our good faith estimate for this position and represents the range for new hire salaries across all U.S locations. Please note that the salary information is a general guideline only.

Qualified applicants will be asked to complete a 30 minute online pre-employment assessment as part of the recruitment process.