Who We Are
At Mindrand our family of brands, we are dedicated to being a force for good. That's why we provide substance use safety, detection and monitoring products and services that help people live responsibly and keep communities safe.
Always Aware. Always Guiding. Never Restricting or Judging.
The Director of IT Security will lead and mature the organization’s enterprise security program across governance, risk, compliance, security operations, identity and access management, vulnerability management, and incident response. This leadership role is responsible for protecting company systems, data, and technology assets while enabling business growth through practical, risk-based security strategies. The ideal candidate will bring deep cybersecurity expertise, strong leadership capabilities, and the ability to partner across the business to improve security posture, strengthen resilience, and ensure compliance with applicable standards and regulatory expectations.
What You’ll Be Doing:
1. Strategic Security Leadership
a. Develop and execute the enterprise IT security strategy and roadmap aligned with business objectives, risk tolerance, and regulatory obligations.
b. Provide strategic direction for security architecture, security operations, governance, and control design across infrastructure, applications, endpoints, and cloud services.
c. Establish and maintain security policies, standards, and procedures aligned with recognized frameworks such as NIST and ISO 27001.
d. Lead enterprise risk assessments and security prioritization efforts to reduce exposure and support informed business decisions.
e. Provide executive-level reporting on security posture, key risks, incidents, remediation progress, and program maturity.
2. Security Operations and Risk Management
a. Oversee day-to-day security operations, including monitoring, alerting, investigation, escalation, and response coordination.
b. Lead vulnerability management activities, including scanning, prioritization, remediation tracking, patch governance, and security hardening.
c. Direct the design and execution of incident response processes, including preparation, containment, eradication, recovery, and lessons learned.
d. Implement security metrics and key risk indicators to measure control effectiveness, incident trends, remediation performance, and program maturity.
e. Partner with cloud, infrastructure, application development, and business teams to embed security controls into operational and technology processes.
f. Develop and maintain operational security procedures, runbooks, and response playbooks to support consistent execution.
g. Oversee endpoint, network, email, and cloud security technologies and ensure they are configured and operated effectively.
h. Ensure identity and access management controls, privileged access practices, and periodic access reviews are defined and enforced.
i. Drive continuous improvement in detection, response, resilience, and control effectiveness across the security environment.
3. Governance, Risk, and Compliance Leadership
a. Lead security governance processes, including policy management, control oversight, and regular security program reviews.
b. Coordinate internal and external audits, support compliance assessments, and ensure remediation of identified gaps.
c. Manage third-party security risk, security due diligence, and vendor control reviews for critical technology partners.
d. Partner with legal, privacy, and business leaders to ensure security requirements are integrated into enterprise processes and decision-making.
4. Team Leadership and Development
a. Track and manage multiple security priorities, balancing strategic initiatives with operational demands and emerging threats.
b. Lead, mentor, and develop a high-performing security team while fostering accountability, collaboration, and continuous learning.
c. Coordinate with cloud, infrastructure, application, data, and business teams to align security priorities with enterprise objectives.
d. Build strong relationships with business leaders to influence secure decision-making and improve organization-wide security awareness.
e. Oversee managed security service providers, consultants, and partners to ensure performance, accountability, and value realization.
5. Budget and Vendor Management
a. Develop and manage the IT security budget, ensuring investments are risk-based, cost-effective, and aligned to business priorities.
b. Evaluate, select, and manage security tools, partners, and service providers to support the organization’s evolving security needs.
c. Lead vendor reviews and service assessments to improve outcomes, address issues, and maximize return on security investments.
6. Innovation and Continuous Improvement
a. Measure what you manage by establishing meaningful security KPIs, KRIs, and reporting routines.
b. Stay current with emerging threats, technologies, regulatory expectations, and industry best practices in cybersecurity.
c. Drive innovation and continuous improvement initiatives to enhance resilience, automate controls, and strengthen overall security posture.
d. Continuously evaluate and implement appropriate security technologies and automation capabilities to improve efficiency and reduce risk.
7. All other duties as assigned
What You’ll Bring to the Table
Education: Bachelor’s degree in cybersecurity, information technology, computer science, or a related field.
Experience:
1. Minimum of 10 years of progressive experience in information security, cybersecurity, or IT risk management, with at least 3 years in a leadership role.
2. Proven experience leading enterprise security programs, security operations, incident response, governance, risk, and compliance initiatives.
Skills and Competencies:
1. Strong knowledge of security domains including network security, endpoint security, identity and access management, vulnerability management, cloud security, and incident response.
2. Strong understanding of governance, risk management, compliance, audit support, and control frameworks.
3. Ability to balance security priorities with business needs and implement practical, risk-based solutions.
4. In-depth understanding of on premise and cloud security principles, threat landscapes, and industry best practices.
5. Excellent leadership, communication, and interpersonal skills with the ability to influence technical and non-technical stakeholders.
6. Experience selecting, implementing, and managing security technologies, outside vendors, and consulting partners.
7. Ability to manage multiple rapidly changing priorities with strong verbal, written, analytical, and organizational skills.
8. Ability to think strategically, prioritize risk, and execute effectively in a fast-paced environment.
9. Strong problem-solving, decision-making, and incident leadership capabilities.
10. Proven track record of building and leading high-performing teams; relevant certifications such as CISSP, CISM, or CRISC preferred.
Equal Opportunity Employer
It is and will continue to be the policy of CST, LLC to practice a program of equal employment opportunity designed to assure that employment and advancement opportunities are made available to all employees and applicants based on individual qualifications and without unlawful regard to race, religion, color, veteran status, national origin, disability, age, gender identity, sexual orientation, sex or genetic information.

In conjunction with researchers at Iowa State University, Consumer Safety Technology, LLC (CST) developed the Intoxalock using alcohol-specific fuel cell technology in 1992. Intoxalock was the first car breathalyzer device in the country to use this cutting-edge technology, which is now an ignition interlock industry standard.
Intoxalock is a Des Moines, Iowa-based company that prides itself on a strong Iowa work ethic to provide customers with professional and competent service and the most reliable alcohol monitoring devices available.
In 2010, Intoxalock added advanced technology features through its Intoxalock eLERT™ products and today continues to actively work to advance the ignition interlock industry with technology that suits the needs of various federal, state, and local requirements.
https://www.intoxalock.com/testimonial-disclaimer