Head of Information Security, Socure

IT, Governance, Risk, and Compliance

Salary not provided
AWS
GCP
Azure
Expert level
Remote from US
Socure

Digital ID verification & fraud protection

Open for applications

Socure

Digital ID verification & fraud protection

201-500 employees

FintechB2BArtificial IntelligenceSecurityBig dataMachine LearningFinancial ServicesSaaSCyber SecurityIdentityFraud

Open for applications

Salary not provided
AWS
GCP
Azure
Expert level
Remote from US

201-500 employees

FintechB2BArtificial IntelligenceSecurityBig dataMachine LearningFinancial ServicesSaaSCyber SecurityIdentityFraud

Company mission

To verify 100% of good identities in real-time and completely eliminate identity fraud on the internet.

Role

Who you are

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master’s degree preferred)
  • Relevant industry certifications (e.g., CISSP, CISM, CRISC, CISA)
  • Strongly preferred
  • Exceptional communication skills, capable of conveying complex technical topics to diverse audiences, including executives, clients, and regulators
  • Strong analytical and problem-solving capabilities, with a data-driven mindset
  • Proven ability to build and maintain relationships across technical and non-technical teams
  • 10+ years of progressively responsible experience in information security, IT governance, risk management, and compliance roles
  • 5+ years of leadership experience, managing cross-functional teams in a high-growth technology or fintech environment
  • Demonstrated success in developing security programs and achieving major compliance milestones (e.g., SOC 2 Type II, ISO 27001)
  • Comprehensive knowledge of security technologies (e.g., SIEM, EDR, network security, identity and access management)
  • Strong understanding of cloud platforms (AWS, Azure, or GCP) and modern DevOps practices
  • Familiarity with emerging identity verification standards and fintech-specific compliance requirements a plus

What the job involves

  • We are looking for a dynamic and experienced leader to head our Information Security, IT, Governance, Risk, and Compliance (GRC) functions, ensuring that our technology, processes, and policies continue to meet the demands of a fast-evolving regulatory landscape and an ever-changing threat environment
  • As the Head of Information Security, IT, GRC, you will be responsible for shaping Socure’s global security and compliance posture
  • Reporting to the CTO, you will develop and execute a strategic roadmap for information security, IT operations, regulatory compliance, and risk management
  • This role demands forward-thinking leadership, deep technical expertise, and exceptional stakeholder management skills, ensuring Socure remains an industry leader in safeguarding digital identities
  • Define, implement, and maintain Socure’s overall security strategy and roadmap in alignment with business goals
  • Continuously evaluate emerging threats and industry trends, adapting the security strategy to anticipate and mitigate risks
  • Oversee Socure’s governance frameworks and compliance with relevant regulations and standards (e.g., SOC 2, ISO 27001, GDPR, PCI-DSS)
  • Ensure continuous readiness for audits and certifications, partnering closely with external auditors and internal stakeholders
  • Develop and maintain company-wide security and compliance policies, ensuring they remain current and well-communicated
  • Lead the IT function, overseeing day-to-day technology operations, infrastructure, and service delivery to support Socure’s global workforce
  • Collaborate with Engineering, Product, and Data Science teams to ensure secure and efficient deployment of systems, platforms, and applications
  • Manage vendor relationships, contract negotiations, and service-level agreements for critical technology services
  • Develop and operationalize a robust risk management program, identifying and assessing key technical, operational, and strategic risks
  • Establish risk thresholds and reporting frameworks to inform executive leadership and guide risk mitigation strategies
  • Ensure a consistent and repeatable process for risk assessments, documentation, and remediation tracking
  • Oversee security monitoring and incident response processes, including detection, containment, remediation, and post-incident reviews
  • Continuously update and test business continuity and disaster recovery plans to minimize disruption and ensure rapid recovery
  • Hire, mentor, and develop a high-performing GRC and IT team, fostering a culture of ownership, innovation, and continuous improvement
  • Champion security and compliance best practices across the organization through training, awareness programs, and effective stakeholder engagement
  • Serve as a key advisor to executive leadership on all matters related to security, IT governance, risk, and compliance
  • Partner with Product and Engineering teams to embed security from design through deployment, ensuring best-in-class security features for our customers
  • Communicate proactively with clients, prospects, partners, and regulatory bodies regarding Socure’s security posture and risk management initiatives

Share this job

View 16 more jobs at Socure

Insights

Top investors

-22% employee growth in 12 months

Company

Company benefits

  • Health: Comprehensive medical coverage, including vision, dental, and FSA
  • Parental Leave: Generous leave allowance for parents-to-be
  • 401k: Pre-tax savings for retirement
  • Life Insurance: Protect your family in case of emergency
  • PTO: Take as much time as you need, when you need it
  • 100% Remote: Work from anywhere anytime, whatever suits your lifestyle
  • WFH Allowance: Generous reimbursement program to maximize your WFH setup
  • Deskpass: Work in an office environment whenever you feel the need
  • Mental Health Provider: Connect with clinicians when you need it
  • Learning & Development: Self-education allowance & free career coaching
  • Employee Assistance Program "EAP": Lifestyle resources available as well as additional mental health resources
  • Fertility Provider: Family planning solutions for those interested
  • Personal Legal Support: Significant discounts with RocketLawyer

Funding (last 2 of 8 rounds)

Nov 2021

$450m

SERIES E

Mar 2021

$100m

SERIES D

Total funding: $646.6m

Our take

Socure is an identity platform that aims to improve customer identification for digital transactions. The company is part of a growing market, with rivals in this competitive space including Signifyd, Riskified, AppsFlyer, ClearSale, Kount, SEON, and Fraud Fighters.

The engine delivered by Socure encompasses KYC (Know Your Customer), identity fraud detection, and document verification. With it, companies can scale rapidly by onboarding more good customers, and prevent online fraud. In addition, underbanked consumers who have been excluded from online services by outdated ID verification can gain access to critical benefits and services online.

Socure has rapidly escalated in popularity, and reached a valuation well over $1 billion. Though not immune from the economic downturn of late, which resulted in two high-profile rounds of lay-offs, the company has secured considerable additional funds that will strengthen its financial position as it moves to capitalize on the ever-growing importance of identity verification and trust.

Steph headshot

Steph

Company Specialist at Welcome to the Jungle