Information Security Leader
ZGF is seeking an experienced Information Security Leader to continuously strengthen the firm’s security across all offices. This role is responsible for enterprise information security strategy, governance, risk management, compliance, and operational oversight. The individual will ensure that ZGF’s people, project information, client data, and intellectual property are protected in an increasingly complex and evolving threat landscape.
The position reports to the Director of Information Technology and works closely with firm leadership, project teams, and external security partners.
Role Purpose
- Lead ZGF’s enterprise information security program.
- Integrate a security mindset into the firm’s operations.
- Protect project data, client information, and intellectual property.
- Ensure compliance with appropriate frameworks (NIST 800-171, CMMC, etc.).
- Provide clear governance over risk while enabling innovative design and delivery.
Key Responsibilities
Security Strategy & Governance
- Develop and maintain a firmwide information security strategy aligned with ZGF’s business objectives and risk tolerance.
- Translate the strategy into clear priorities, structured initiatives, and outcomes.
- Present quarterly updates to leadership on security posture, risks, and priorities.
- Serve as the firm’s authoritative voice on information security matters.
- Develop and document an information security program.
Risk Management & Compliance
- Lead compliance related to NIST 800-171, CMMC, and other client-driven requirements.
- Oversee governance tools and compliance platforms currently in use.
- Conduct and oversee risk assessments, penetration testing, and vulnerability management programs.
- Ensure appropriate controls are documented, tested, and maintained.
- Coordinate cyber insurance requirements and external audit preparation.
Security Operations
ZGF’s current stack includes multiple security tools and managed services, including:
- Fortinet perimeter and network controls
- Microsoft Defender E5 suite
- Arctic Wolf MDR/SOCaaS
- Identity governance via Entra
- Endpoint management via Intune/MEM
- KnowBe4 Security Awareness
The leader will:
- Evaluate, rationalize, and optimize ZGF’s security stack to minimize redundancy and ensure layered, well-integrated protections aligned with business risk.
- Provide leadership and oversight of all security operations.
- Coordinate closely with external MSSPs.
- Oversee incident response, escalation, and post-incident analysis.
- Strengthen disaster recovery and business continuity plans.
Identity & Access Governance
- Oversee firmwide identity and access management practices across hybrid AD / Entra environments.
- Enforce least privilege and Zero Trust principles.
- Govern privileged access, role-based access control, and MFA enforcement.
- Coordinate identity lifecycle integration with HR and IT systems.
Culture, Awareness & Training
- Lead firmwide security awareness initiatives.
- Strengthen a culture of accountability and vigilance without impeding design productivity or creativity.
- Ensure communication of risks and policies in language accessible to non-technical staff.
Collaboration
- Collaborate closely with:
  - Director of IT
  - Firmwide Technology Team
  - Operations Committee
- Build trusted relationships with leaders across the firm to infuse security best practices into everyday operations.
Qualifications
- 8–12+ years of experience in security, IT infrastructure, or related leadership roles.
- Demonstrated experience managing enterprise security programs.
- Demonstrated expertise with NIST 800-171, CMMC, and related frameworks.
- Experience working with MDR/SOC providers and enterprise security tooling.
- Strong executive communication skills.
- Ability to balance risk mitigation with operational and design needs.
- Eligibility to maintain a T3 Secret DoD Personnel Security Clearance preferred.
Base Salary Range
$153,000/yr - $178,500/yr depending on skills and experience.
Benefits
ZGF employees enjoy medical, dental, and vision coverage with a generous employer contribution, HSA with employer contribution, 401k with employer match, 4 weeks of PTO and 10 paid holidays per year, and paid parental and family leave programs.
Apply With:
- Cover letter
- Resume
We know that great projects take more than a design team to become a reality. Whether you’re a finance professional, project manager, or specialist in another field, your expertise helps create a healthier, more equitable built environment. Studies show that women and people from underrepresented groups are less likely to apply for jobs unless they meet every qualification. We encourage you to apply even if you don’t check every box—your skills and experiences may be exactly what we need.
ZGF Architects is committed to fostering a diverse, inclusive, and welcoming workplace. As an equal opportunity employer, we celebrate the unique qualities and perspectives that each individual brings to our team. We encourage applicants of all backgrounds, experiences, and identities to apply. Regardless of age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law, we are excited to consider qualified candidates.
If you're ready to contribute to meaningful work, we invite you to submit your cover letter and resume online.