Security Officer responsible for maintaining a safe environment for clients and employees. Enforcing policies and responding to emergencies at the client's site.
About the role
- Information Security Manager responsible for Aircall’s information security strategy, governance, and risk management. Operating across security, IT, privacy, and product teams in a fast-paced environment.
Responsibilities
- Develop and maintain the company-wide security strategy, policies, and governance frameworks.
- Ensure ongoing compliance with SOC 2, GDPR, NIST.
- Determine in conjunction with the other security stakeholders the company’s strategy to pursue additional certifications and other relevant global security standards (e.g., ISO 27001).
- Participate in building the Governance, Risk & Compliance (GRC) function, aligning with privacy, compliance, and enterprise risk function; maintaining and executing against a risk matrix.
- Ensure that each branch of Information Security is performing its responsibilities effectively and operating in a coordinated manner.
- Lead enterprise-wide security risk assessments, gap analyses, and mitigation planning.
- Partner closely with Legal/Privacy on regulatory obligations, including GDPR, data residency requirements, and incident reporting.
- Oversee vendor risk management and security due diligence, ensuring consistent assessment standards and cross-functional alignment.
- Build and manage a scalable vendor security program, including due diligence, remediation, and monitoring.
- Maintain and refine incident response policies, workflows, roles, and communication procedures.
- Coordinate cross-functional participation during security events, ensuring documentation, communication, and post-incident reporting.
- Serve as the point of escalation for major security events.
- Ensure clear reporting lines, accountability, and coordination between IT Security and Engineering/Product Security.
- Work closely with IT, Product, Engineering, and Data teams to embed security-by-design throughout the development lifecycle.
- Manage dotted-line reporting relationships with Security Engineers and IT team members, ensuring unified strategic direction while respecting functional dependencies.
- Represent Information Security to the Board, Audit Committee, customers, and regulators, as needed.
- Lead company-wide security training and awareness initiatives.
- Promote a security-first culture across all functions, ensuring employees understand their role in protecting company and customer data.
Requirements
- 8+ years of experience in Information Security, including security governance or GRC leadership roles within SaaS or cloud based companies.
- Deep knowledge of SOC 2, ISO 27001, NIST, GDPR, and modern security frameworks.
- Hands-on experience with GRC platform (Drata, One Trust, Vanta etc.)
- Experience leading cross-functional initiatives and managing multiple stakeholders.
- Experience with risk management, vendor security, and policy development.
- Proven ability in dealing with incident response and security operations.
- Strong communication skills, with experience presenting to executives or boards.
Benefits
- Medical, dental, and vision insurance is 100% covered
- 401k plan with company matching!
- Unlimited PTO — take the time you need to come to work feeling great!
- Wellness, commuter, and childcare reimbursements
- Generous parental leave policy
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Security Advisor enhancing security measures to align with corporate objectives at Desjardins. Leading development of strategic initiatives and overseeing best practices in security.
Controls Professional assessing internal control frameworks at Barclays, improving control effectiveness and managing risks to ensure compliance with regulations.
Senior Information Security Engineer at Wells Fargo investigating insider threats and strengthening cybersecurity measures. Conducting advanced investigations and collaborating with cyber teams to mitigate risks.
Staff Product Manager overseeing enterprise security product strategy for Tenable. Collaborating with various teams to deliver customer - focused solutions and product features.
Program Security Representative providing multi - discipline security support for Special Access Programs. Ensuring compliance, developing policies, and conducting security assessments in a military context.
Information Systems Security Officer managing operational security posture for information systems at GDIT. Collaborating closely with ISSM and ISO, handling security aspects, and ensuring compliance with security standards.
Senior Cyber Security Project Manager at Airbus Protect managing medium complexity projects in Cyber Security Consulting. Focusing on project leadership and team management in diverse client settings.
Security Architect responsible for designing cloud security architectures for leading brands. Ensuring compliance and guiding incident response strategies in AWS environments.
Senior Security Consultant for ISMS Management at Bundesdruckerei GmbH in Berlin. Responsible for security analysis, management, and advisory roles on cybersecurity issues.