Head of Information Security

Head of Information Security - Role Overview

About Our Client:
Our client is on a mission to transform the way IT assets are managed for today's distributed workforce. As a rapidly growing organization, they are developing a cutting-edge platform that streamlines complex operational challenges for their customers. Security and trust are central to their vision, and this role offers a unique opportunity to establish and lead the security function from the ground up at a critical stage of growth.

Role Purpose:
Our client is seeking an experienced and visionary Head of Information Security to define, implement, and scale their security strategy in a fast-moving, high-growth environment. This senior leadership position combines hands-on technical expertise with strategic oversight, requiring someone who can take full ownership of the company's security posture. Reporting directly to the CTO, you will serve as the organization's security champion, architecting solutions, setting policies, and building a world-class security team.

Key Responsibilities:

• Secure Architecture & Automation: Design and implement a security strategy that is integrated into every layer of the organization. Improve endpoint and cloud security leveraging tools such as CrowdStrike and modern MDM solutions. Define best practices for Google Workspace and make critical decisions about security infrastructure to enable seamless, effective protections.
• Compliance & Customer Trust: Partner with the business to establish security controls and documentation aligned with frameworks like SOC 2 and ISO 27001. Own the development of security policies and procedures that not only reduce risk but also support business growth and accelerate customer adoption.
• Threat Management & Incident Response: Lead the end-to-end security operations process, including threat detection, response planning, and incident management. Define and track key risk indicators, implement monitoring and alerting systems, and act as the primary incident commander to safeguard company and customer data.
• Cross-Functional Collaboration: Collaborate closely with IT, product, and engineering teams to integrate security into development processes. Provide guidance on secure identity and access management, including SSO/SAML implementations, and clearly communicate risks to both technical and non-technical stakeholders.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 7+ years in information security within a SaaS environment, with strong experience in endpoint and cloud security.
• 3+ years in startup or high-growth environments.
• Hands-on expertise with EDR platforms, specifically CrowdStrike Falcon, including architecture, configuration, threat hunting, and incident response.
• Proven experience managing MDM solutions for macOS, Windows, iOS, and Android devices.
• Strong administrative knowledge of Google Workspace security, including DLP, context-aware access, and best practices.
• Experience designing and managing SSO/SAML integrations to enforce least-privilege access across SaaS platforms.
• Experience building and running vulnerability management programs.
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, NIST, or GDPR is advantageous.
• Experience with security automation using scripting languages (Python, PowerShell, etc.) is a plus.

Core Attributes:

• Commitment to Security Excellence: Proven track record of delivering scalable, high-quality security solutions.
• Ownership & Pragmatism: Ability to take full responsibility for organizational security and make risk-based decisions that balance safety with business agility.
• Business & Customer Focus: Understands the business impact of security, prioritizes customer trust, and supports product and organizational objectives.
• Curiosity & Learning: Keeps up with emerging threats and security technologies, with a passion for continuous improvement.
• Proactive Mindset: Identifies risks and drives improvements independently.
• Comfort with Ambiguity: Thrives in a fast-moving, early-stage environment, navigating uncertainty to create effective security strategies.