OnePoint BFG Wealth Partners
Director of Information Technology
OnePoint BFG Wealth Partners, Parsippany, New Jersey, United States
Director of IT & Security / Chief Information Security Officer (CISO)
The Director of IT & Security / Chief Information Security Officer (CISO) is responsible for overseeing the firm’s technology operations, cybersecurity strategy, and risk management program. This role provides leadership across IT infrastructure, security architecture, identity management, vendor governance, and incident response. The Director/CISO works closely with the CTO and senior leadership to maintain a secure, compliant, and resilient environment that supports advisor productivity and protects client data.
Key Responsibilities
Cybersecurity Leadership (CISO Responsibilities)
Lead the firm’s cybersecurity strategy, security architecture, and governance program.
Own and mature the Incident Response Plan (IRP), including tabletop exercises, documentation, and real‑time incident leadership.
Maintain and enhance the Business Continuity Plan (BCP) and disaster recovery processes.
Oversee vulnerability management, security monitoring, and threat response in coordination with SOC and MSP partners.
Administer and optimize Microsoft security controls including Purview, Defender, DLP, labeling, retention, and data governance.
Ensure alignment with industry frameworks and regulatory expectations (NIST CSF, CIS, SEC/FINRA).
Regularly brief senior leadership on cyber risks, posture, and remediation activities.
Identity & Access Management
Serve as primary owner for Entra ID and Okta, including MFA, SSO, identity lifecycle, and access governance.
Enforce least‑privilege access, conditional access policies, privileged access management, and entitlement reviews.
IT Operations & Infrastructure
Lead daily IT operations including endpoints, cloud systems, and network environments.
Manage Microsoft 365 administration across Exchange Online, Intune, Entra, Purview, and Copilot readiness.
Oversee network reliability and troubleshoot complex issues involving routing, DNS, certificates, encryption, proxies, and VPN technologies.
Direct device provisioning, patch management, configuration baselines, and system hardening across the environment.
Own the firm’s vendor due diligence program, including security reviews, documentation management, and risk scoring.
Oversee vendor renewals, SLAs, and performance monitoring for MSPs, cloud services, cybersecurity partners, and critical system providers.
Governance, Compliance, and Audit Support
Develop and maintain IT and security policies, standards, and procedures.
Partner with Compliance and Legal on regulatory requirements, cybersecurity questionnaires, and client or regulator due diligence.
Provide evidence, reporting, and remediation support for audits and assessments.
Strategic Planning & Leadership
Partner with the CTO to define and execute the multi‑year IT and security roadmap.
Evaluate emerging technologies and determine firm readiness (AI, Copilot, automation, endpoint strategy).
Lead, mentor, and develop IT team members; establish processes, SLAs, and escalation paths.
Promote a security‑first culture through communication, training, and consistent enforcement of best practices.
Qualifications
8–12+ years of progressive experience in IT infrastructure and cybersecurity, including leadership experience.
Expert‑level knowledge of:
Okta administration and identity lifecycle management
Networking fundamentals and troubleshooting (DNS, certificates, encryption, routing, VPN, firewalls)
Security governance and frameworks (NIST, CIS, ISO27001)
Hands‑on experience managing IRP, BCP/DR programs, and incident handling.
Strong vendor management and due diligence experience.
Understanding of compliance requirements in regulated industries (finance preferred).
Experience working with or administering VDI environments (Azure Virtual Desktop, Citrix, VMware Horizon, or similar).
Excellent communication, documentation, and leadership skills.
Required/Preferred Certifications
CISSP — strongly preferred
Microsoft Advanced Administrator Certification (or equivalent senior Microsoft 365 admin credential)
Okta Certified Administrator or Okta Certified Professional
Why Join Us
Partner directly with the CTO to shape and elevate the firm’s IT and cybersecurity strategy, influencing decisions that protect and enable the entire organization.
Lead with both execution and innovation — drive critical IT and security initiatives while exploring new technologies that strengthen resilience and improve advisor productivity.
Join a collaborative, high‑performing technology team that values ownership, accountability, and continuous improvement in a fast‑growing, client‑centric environment.
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Finance