Information Security Lead

📋 Description

• Take charge of the security program: Define and manage the company's security initiatives, encompassing policies, controls, risk management, and the Information Security Management System (ISMS).

• Drive compliance and foster customer trust: Oversee SOC 2 and HIPAA programs, audits, and all security-related processes that involve customers (including questionnaires, due diligence, and reviews).

• Create effective security controls: Develop scalable security architectures and guidelines for cloud, data, application systems, and internal IT.

• Empower the organization: Integrate security into the Software Development Life Cycle (SDLC) and internal processes, including the measured implementation of AI agents throughout the business.

⛳️ Requirements

• Proven experience managing a security program in a startup or growth-oriented company (approximately 20–150 employees).

• In-depth understanding of SOC 2 and HIPAA environments, including executing audits from start to finish and collaborating with security vendors.

• Capability to design effective security controls across AWS, application systems, and internal IT settings (including Google Workspace and OSX).

• Proven ability to balance security requirements with operational speed and business objectives, alongside effective communication with customers.

🏝️ Benefits

• Competitive salary and performance-based incentives.

• Comprehensive health benefits package.

• Opportunities for professional growth and development.

• Flexible work hours and remote work options.