Head of Information Security, Socure

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master’s degree preferred)
• Relevant industry certifications (e.g., CISSP, CISM, CRISC, CISA)
• Strongly preferred
• Exceptional communication skills, capable of conveying complex technical topics to diverse audiences, including executives, clients, and regulators
• Strong analytical and problem-solving capabilities, with a data-driven mindset
• Proven ability to build and maintain relationships across technical and non-technical teams
• 10+ years of progressively responsible experience in information security, IT governance, risk management, and compliance roles
• 5+ years of leadership experience, managing cross-functional teams in a high-growth technology or fintech environment
• Demonstrated success in developing security programs and achieving major compliance milestones (e.g., SOC 2 Type II, ISO 27001)
• Comprehensive knowledge of security technologies (e.g., SIEM, EDR, network security, identity and access management)
• Strong understanding of cloud platforms (AWS, Azure, or GCP) and modern DevOps practices
• Familiarity with emerging identity verification standards and fintech-specific compliance requirements a plus

• We are looking for a dynamic and experienced leader to head our Information Security, IT, Governance, Risk, and Compliance (GRC) functions, ensuring that our technology, processes, and policies continue to meet the demands of a fast-evolving regulatory landscape and an ever-changing threat environment
• As the Head of Information Security, IT, GRC, you will be responsible for shaping Socure’s global security and compliance posture
• Reporting to the CTO, you will develop and execute a strategic roadmap for information security, IT operations, regulatory compliance, and risk management
• This role demands forward-thinking leadership, deep technical expertise, and exceptional stakeholder management skills, ensuring Socure remains an industry leader in safeguarding digital identities
• Define, implement, and maintain Socure’s overall security strategy and roadmap in alignment with business goals
• Continuously evaluate emerging threats and industry trends, adapting the security strategy to anticipate and mitigate risks
• Oversee Socure’s governance frameworks and compliance with relevant regulations and standards (e.g., SOC 2, ISO 27001, GDPR, PCI-DSS)
• Ensure continuous readiness for audits and certifications, partnering closely with external auditors and internal stakeholders
• Develop and maintain company-wide security and compliance policies, ensuring they remain current and well-communicated
• Lead the IT function, overseeing day-to-day technology operations, infrastructure, and service delivery to support Socure’s global workforce
• Collaborate with Engineering, Product, and Data Science teams to ensure secure and efficient deployment of systems, platforms, and applications
• Manage vendor relationships, contract negotiations, and service-level agreements for critical technology services
• Develop and operationalize a robust risk management program, identifying and assessing key technical, operational, and strategic risks
• Establish risk thresholds and reporting frameworks to inform executive leadership and guide risk mitigation strategies
• Ensure a consistent and repeatable process for risk assessments, documentation, and remediation tracking
• Oversee security monitoring and incident response processes, including detection, containment, remediation, and post-incident reviews
• Continuously update and test business continuity and disaster recovery plans to minimize disruption and ensure rapid recovery
• Hire, mentor, and develop a high-performing GRC and IT team, fostering a culture of ownership, innovation, and continuous improvement
• Champion security and compliance best practices across the organization through training, awareness programs, and effective stakeholder engagement
• Serve as a key advisor to executive leadership on all matters related to security, IT governance, risk, and compliance
• Partner with Product and Engineering teams to embed security from design through deployment, ensuring best-in-class security features for our customers
• Communicate proactively with clients, prospects, partners, and regulatory bodies regarding Socure’s security posture and risk management initiatives

• Health: Comprehensive medical coverage, including vision, dental, and FSA
• Parental Leave: Generous leave allowance for parents-to-be
• 401k: Pre-tax savings for retirement
• Life Insurance: Protect your family in case of emergency
• PTO: Take as much time as you need, when you need it
• 100% Remote: Work from anywhere anytime, whatever suits your lifestyle
• WFH Allowance: Generous reimbursement program to maximize your WFH setup
• Deskpass: Work in an office environment whenever you feel the need
• Mental Health Provider: Connect with clinicians when you need it
• Learning & Development: Self-education allowance & free career coaching
• Employee Assistance Program "EAP": Lifestyle resources available as well as additional mental health resources
• Fertility Provider: Family planning solutions for those interested
• Personal Legal Support: Significant discounts with RocketLawyer

Total funding: $646.6m

Socure is an identity platform that aims to improve customer identification for digital transactions. The company is part of a growing market, with rivals in this competitive space including Signifyd, Riskified, AppsFlyer, ClearSale, Kount, SEON, and Fraud Fighters.