This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
Bringg is seeking a senior, hands-on CISO & Head of IT to act as "one-man-show" authority for IT operations and information security. This role owns IT and Information Security e2e for Bringg as core business functions: setting direction, making structural and vendor decisions, and defining what "good" looks like, while also answering questions in real time, exercising sound judgment, and taking ownership when issues arise. This is a highly visible leadership role focused on judgment, ownership, and practical execution.
Job Responsibility:
Build and maintain a pragmatic information security and IT risk management program aligned with business priorities
Lead security risk assessments and drive remediation in partnership with engineering, IT, and business teams
Define and maintain security policies, standards, and secure-by-design practices in collaboration with our Product House organization
Promote security awareness and accountability across the company, including ownership of employee security training programs
Own Bringg’s internal IT environment, including identity and access management (e.g., Okta), Google Workspace, endpoints, and core SaaS tools
Ensure smooth employee onboarding and offboarding
Act as a point of escalation for IT issues and access problems, including hands-on work
Manage external IT service providers and helpdesk vendors, including SLAs and escalation
Own the overall effectiveness of security monitoring, detection, and response
Design and maintain preventive controls, processes, and readiness measures to reduce the likelihood and impact of data security incidents
Ensure vulnerabilities, findings, and incidents are identified, prioritized, and addressed
Lead preparation for security incidents, including incident response planning, tabletop exercises, and coordination with Legal, Product House, and external partners
Stay current on emerging threats and translate them into practical, risk-based improvements for the business
Lead security audits and certifications (e.g., SOC 2, ISO 27001) and serve as the primary contact for auditors
Personally own customer security questionnaires and security discussions
Partner closely with Legal on privacy, regulatory, and contractual security matters
Oversee the IT and security budget and manage relevant vendors and advisors
Requirements:
8+ years of experience across IT operations and information security, preferably in a SaaS or cloud environment
Hands-on experience with enterprise IT systems (e.g., Google Workspace, Okta) and security governance frameworks (SOC 2, ISO 27001)
Experience supporting audits, certifications, and customer security requirements
Ability to manage vendors and drive outcomes through others
Strong communication skills and sound judgment in balancing risk, speed, and practicality
Full professional proficiency in English is required
Nice to have:
Security certifications (e.g., CISSP, CISM) are a plus, not a requirement