CrawlJobs Logo

Ciso & Head Of It

Israel, TLV · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

Bringg is seeking a senior, hands-on CISO & Head of IT to act as "one-man-show" authority for IT operations and information security. This role owns IT and Information Security e2e for Bringg as core business functions: setting direction, making structural and vendor decisions, and defining what "good" looks like, while also answering questions in real time, exercising sound judgment, and taking ownership when issues arise. This is a highly visible leadership role focused on judgment, ownership, and practical execution.

Job Responsibility

  • Build and maintain a pragmatic information security and IT risk management program aligned with business priorities
  • Lead security risk assessments and drive remediation in partnership with engineering, IT, and business teams
  • Define and maintain security policies, standards, and secure-by-design practices in collaboration with our Product House organization
  • Promote security awareness and accountability across the company, including ownership of employee security training programs
  • Own Bringg’s internal IT environment, including identity and access management (e.g., Okta), Google Workspace, endpoints, and core SaaS tools
  • Ensure smooth employee onboarding and offboarding
  • Act as a point of escalation for IT issues and access problems, including hands-on work
  • Manage external IT service providers and helpdesk vendors, including SLAs and escalation
  • Own the overall effectiveness of security monitoring, detection, and response
  • Design and maintain preventive controls, processes, and readiness measures to reduce the likelihood and impact of data security incidents
  • Ensure vulnerabilities, findings, and incidents are identified, prioritized, and addressed
  • Lead preparation for security incidents, including incident response planning, tabletop exercises, and coordination with Legal, Product House, and external partners
  • Stay current on emerging threats and translate them into practical, risk-based improvements for the business
  • Lead security audits and certifications (e.g., SOC 2, ISO 27001) and serve as the primary contact for auditors
  • Personally own customer security questionnaires and security discussions
  • Partner closely with Legal on privacy, regulatory, and contractual security matters
  • Oversee the IT and security budget and manage relevant vendors and advisors

Requirements

  • 8+ years of experience across IT operations and information security, preferably in a SaaS or cloud environment
  • Hands-on experience with enterprise IT systems (e.g., Google Workspace, Okta) and security governance frameworks (SOC 2, ISO 27001)
  • Experience supporting audits, certifications, and customer security requirements
  • Ability to manage vendors and drive outcomes through others
  • Strong communication skills and sound judgment in balancing risk, speed, and practicality
  • Full professional proficiency in English is required

Nice to have

Security certifications (e.g., CISSP, CISM) are a plus, not a requirement

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Ciso & Head Of It

8 matching positions

New

Head of IT Security

We are looking for a senior IT security leader to define, implement and assure o...
Location
Location
United Kingdom , Birmingham; Leeds; London
Salary
Salary:
Not provided
capsticks.com Logo
Capsticks Solicitors LLP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior IT security leadership experience, ideally with exposure to CISO-level responsibilities
  • Strong knowledge of security operations, identity and access management, cloud and network security, endpoint protection, email security and modern models such as Zero Trust / ZTNA
  • Experience working with ISO27001, Cyber Essentials Plus and recognised security frameworks such as CIS Controls or NIST
  • The ability to translate risk and compliance requirements into practical controls, services and improvement plans
  • Experience managing teams, vendors and managed security services, ideally in a SaaS-focused professional services environment
  • Clear communication skills, with the confidence to explain complex security topics to senior stakeholders, technical teams and external parties
  • A pragmatic, outcome-focused and forward-looking approach, with the resilience to work effectively under pressure
Job Responsibility
Job Responsibility
  • Defining and implementing security strategy, standards and controls aligned to ISO27001, Cyber Essentials Plus and the firm’s wider data, AI and innovation strategies
  • Overseeing security operations, monitoring, detection and response across areas such as SOC, SIEM, XDR, vulnerability management and incident response
  • Embedding security by design into projects, change and solution architecture, including identity, endpoint, cloud, network, email and secure remote access controls
  • Working with Governance & Risk to maintain and improve the ISMS, support audits and ensure regulatory and client expectations are met
  • Providing clear reporting on security posture, risks, incidents and improvement plans to technical and non-technical stakeholders
  • Promoting a strong security culture through awareness, training and practical guidance on secure behaviours
What we offer
What we offer
  • Inclusive employer
  • reasonable adjustments
  • Fulltime
Read More
Arrow Right

Head of IT Security

We are looking for a senior IT security leader to define, implement and assure o...
Location
Location
United Kingdom , Birmingham, Leeds, London
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior IT security leadership experience, ideally with exposure to CISO-level responsibilities
  • Strong knowledge of security operations, identity and access management, cloud and network security, endpoint protection, email security and modern models such as Zero Trust / ZTNA
  • Experience working with ISO27001, Cyber Essentials Plus and recognised security frameworks such as CIS Controls or NIST
  • The ability to translate risk and compliance requirements into practical controls, services and improvement plans
  • Experience managing teams, vendors and managed security services, ideally in a SaaS-focused professional services environment
  • Clear communication skills, with the confidence to explain complex security topics to senior stakeholders, technical teams and external parties
  • A pragmatic, outcome-focused and forward-looking approach, with the resilience to work effectively under pressure
Job Responsibility
Job Responsibility
  • Define and implement security strategy, standards and controls aligned to ISO27001, Cyber Essentials Plus and the firm’s wider data, AI and innovation strategies
  • Oversee security operations, monitoring, detection and response across areas such as SOC, SIEM, XDR, vulnerability management and incident response
  • Embed security by design into projects, change and solution architecture, including identity, endpoint, cloud, network, email and secure remote access controls
  • Work with Governance & Risk to maintain and improve the ISMS, support audits and ensure regulatory and client expectations are met
  • Provide clear reporting on security posture, risks, incidents and improvement plans to technical and non-technical stakeholders
  • Promote a strong security culture through awareness, training and practical guidance on secure behaviours
What we offer
What we offer
  • Inclusive employer
  • reasonable adjustments to application and interview process
  • Fulltime
Read More
Arrow Right

Head of Governance, Risk and Compliance - CISO function - BPL

The Head of GRC leads the pillar responsible for ensuring the organisation under...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • CISM, CRISC, or CISSP certification
  • Experience with DORA (Digital Operational Resilience Act) compliance requirements and implementation
  • ISO 27001 Lead Auditor or Lead Implementer certification
  • PCI QSA or Internal Security Assessor (ISA) qualification
  • Previous experience in FinTech, Digital Banking, Payment Acquiring organisation
  • Experience with Visa GACS and Mastercard SDP acquirer compliance programmes
  • Significant experience of progressive experience in information security governance, risk, and compliance, with at least 5 years leading a GRC team in a regulated environment
  • Strong understanding of UK GDPR and the role of security controls in meeting data protection obligations, including breach notification requirements and data protection impact assessments
  • Experience designing and operating security control frameworks mapped to multiple regulatory requirements simultaneously (e.g., a single framework serving PCI DSS, FCA, and GDPR)
  • Understanding of cloud-native architectures and their implications for compliance and risk management
Job Responsibility
Job Responsibility
  • Own the security policy framework, ensuring policies are current, proportionate, and aligned to PCI DSS, FCA expectations, UK GDPR, and DORA requirements
  • Maintain and operate the security risk register, ensuring risks are assessed consistently using a defined methodology, owned explicitly, and reported accurately to the CISO and Executive Leadership Team (ETL)
  • Manage the relationship with external auditors, the Qualified Security Assessor (QSA), and 2nd/3rd Line of Defence (LoD) on all security and technology risk matters
  • Own the third-party security assurance process, ensuring all vendors, partners, and card scheme integrations are risk-assessed with a tiered approach proportionate to data access and criticality
  • Chair the monthly Cyber and Tech Risk and Controls Forum, presenting risk posture, compliance status, and material findings to the CISO, CIO and ELT
  • Design and maintain the control framework, mapping controls to PCI DSS, FCA, UK GDPR, and DORA requirements, and ensuring control effectiveness is tested on a continuous cycle
  • Produce KRI dashboards and risk reporting for CISO, CIO, and ELT consumption, ensuring risk is communicated in business terms
  • Lead regulatory and audit engagement on security matters, coordinating regulatory review and audit interactions and proactively managing stakeholder relationships
  • Own the risk assessment calendar, ensuring both cyclical and event-driven assessments are executed on schedule with appropriate rigour
  • Manage the risk acceptance process, ensuring risk acceptance decisions are documented, time-bound, approved at the appropriate authority level, and reviewed before expiry
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Head of Product Security

The Head of Product Security leads the pillar responsible for ensuring everythin...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • CSSLP, OSCP or similar certifications
  • Experience with PCI Software Security Framework (SSF) and its application to payment processing software
  • Previous career as a software engineer or developer before moving into security — you understand the developer experience from the inside
  • Experience with bug bounty programme management
  • Payments acquiring, FinTech, E-Pay - application security experience
  • Contributions to open-source security tools, OWASP projects, or published security research
  • Experience with security tooling for Kubernetes-native applications
  • Several years of progressive experience in application security or product security, with a number of years in a leadership role managing a product security or AppSec team
  • Deep understanding of modern application security: OWASP Top 10, API security (REST, gRPC, GraphQL), microservices security, container security, and secure coding practices
  • Proven experience building and running a security champions programme in an agile engineering organisation
Job Responsibility
Job Responsibility
  • Own and drive the shift-left security programme, ensuring security is integrated into the earliest stages of the software development lifecycle through threat modelling, secure design patterns, and automated tooling
  • Manage the security champions programme, recruiting, training, and supporting champions across all product squads
  • Own the developer security toolchain (SAST, DAST, SCA, secrets scanning) and ensure it is integrated into all CI/CD pipelines with minimal developer friction and calibrated thresholds to avoid noise
  • Establish and operate the vulnerability management lifecycle, including scanning orchestration, triage, prioritisation, SLA assignment, remediation tracking, and exception management
  • Chair the weekly Vulnerability Review Board, making prioritisation decisions on critical and high-severity findings in collaboration with engineering leads
  • Define and publish the security engagement model for product and engineering teams, including trigger points (new service, new integration, pre-release), SLAs, and escalation paths
  • Oversee threat modelling for new services and major changes, ensuring threat models are completed before development progresses beyond initial design
  • Own the security sign-off process for production releases, providing risk-based release decisions (approved, approved with conditions, deferred, escalated) rather than binary pass/fail gates
  • Provide self-service security capabilities to product teams: threat model templates, security stories backlog, secure coding guides, and accessible tooling documentation
  • Produce security assurance reporting for the CISO, including vulnerability trends, SDLC integration metrics, champion programme health, and developer satisfaction with security
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Global Head of Cyber Risk and Compliance

The Technology & Cyber Compliance and Operational Risk Office (TCCORO) at Citi i...
Location
Location
United States , Irving, Texas, United States, New York, New York, United States
Salary
Salary:
250000.00 - 500000.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 20+ years' experience in technology risk and/or cyber risk management in the banking/financial services industry, or related field, with at least 5+ years in 2nd or 3rd line senior leadership positions
  • Subject matter expert in technology risk and/or cyber risk management principles and practices across various information system architecture and engineering domains
  • Proven experience in managing complex risk portfolios and developing strategic risk management frameworks for large organizations
  • Robust understanding of operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices
  • Experience managing and overseeing large remediation and transformation programs to achieve intended results
  • Extensive experience in effective written and verbal communication with executive audiences including Boards
  • Experienced risk challenger who balances risks vs. rewards aligned with corporate risk culture
  • Understanding of Citi products and services and downstream impacts of technology risk and/or cyber risk strategy
  • Professional certifications in either technology risk and/or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI
  • In-depth, working knowledge of banking technologies, fraud, cybercrime detection and countermeasures, encryption, data retention, as well as information security support for segregation of duties, application development, network and systems operation, testing and vendor management
Job Responsibility
Job Responsibility
  • Oversight and challenge of the cybersecurity incident response programs
  • Oversight of the security operations center (SOC) and cybersecurity fusion center (CSFC)
  • Oversight of cybersecurity penetration testing and red-team operations
  • Oversight of the Chief Information Security Office (CISO), including the review of the effectiveness of the controls, standards and programs across the enterprise
  • Implementation of guidance for overseeing Emerging Technology and Operational Risks, in compliance with OCC Heightened Standards
  • Able to present and lead discussions with key Regulators, internal and external auditors, as well the Board of Directors and the Risk and Audit sub-committees
  • Governance and Oversight of security risks impacting the business and technology
  • Support in the development of Cyber Policy and Standards
  • Oversight of Key Operational Risks and related indicators and thresholds
  • Challenge of Cyber Risk Self Assessments
What we offer
What we offer
  • Discretionary and formulaic incentive and retention awards
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Head of Cybersecurity Technology & AI Security Engineering

The Head of Cybersecurity Technology & AI Security Engineering is an executive l...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of relevant experience in an Engineering role in the cybersecurity, digital or AI fields
  • Experience working in Financial Services or Technology or a large complex and/or global environment
  • Comprehensive knowledge of design metrics, analytics tools, benchmarking activities and related reporting to identify best practices
  • Proven track record of building and running resilient service driven technology capabilities
  • Demonstrated use of driving AI delivery and engineering to transform capabilities and services to deliver value to customers and stakeholders
  • Proven ability to engage and influence senior stakeholders across business, risk, technology, and governance functions in a banking context.
  • Demonstrated success in building, leading, and scaling global cybersecurity teams
Job Responsibility
Job Responsibility
  • Build, mentor and inspire a high performing cybersecurity team, growing both the current and the next generation of leadership talent
  • Lay out a clear vision for Cybersecurity Technology in partnership with the leaders of Cyber Security Operations, BFT-CISO, and Cyber Risk and Controls
  • Lead significant initiatives within and help deliver the CISO and BFT cyber strategies, and securely enable business and technology activities and programs
  • Work with the assigned Enterprise Security Architects, vendors and engineers to develop and document an effective architecture that aligns with Citi’s architecture principles and overall Enterprise Architecture
  • Lead a product mgmt. function that engages stakeholders to prioritize features and capabilities in the Cybersecurity Technology roadmap, delivering value and user experience
  • Build an AI capability that maintains an “agent first” mindset to solve security problems
  • Manage the budget, resource planning, and delivery of end results through executing the functional strategy
  • Leverage the team to rapidly respond to emerging threats, security incidents and critical business activities
  • Lead and securely enable significant business change in complex global environments, managing complex multiple risk dimensions
  • Partner with peer leadership to drive cyber strategy and unify global processes and functions
  • Fulltime
Read More
Arrow Right

Head of Cybersecurity Technology & AI Security Engineering

The Head of Cybersecurity Technology & AI Security Engineering is an executive l...
Location
Location
Ireland , Dublin
Salary
Salary:
230000.00 - 420000.00 EUR / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of relevant experience in an Engineering role in the cybersecurity, digital or AI fields
  • Experience working in Financial Services or Technology or a large complex and/or global environment
  • Comprehensive knowledge of design metrics, analytics tools, benchmarking activities and related reporting to identify best practices
  • Proven track record of building and running resilient service driven technology capabilities
  • Demonstrated use of driving AI delivery and engineering to transform capabilities and services to deliver value to customers and stakeholders
  • Proven ability to engage and influence senior stakeholders across business, risk, technology, and governance functions in a banking context.
  • Demonstrated success in building, leading, and scaling global cybersecurity teams
Job Responsibility
Job Responsibility
  • Build, mentor and inspire a high performing cybersecurity team, growing both the current and the next generation of leadership talent
  • Lay out a clear vision for Cybersecurity Technology in partnership with the leaders of Cyber Security Operations, BFT-CISO, and Cyber Risk and Controls.
  • Lead significant initiatives within and help deliver the CISO and BFT cyber strategies, and securely enable business and technology activities and programs
  • Work with the assigned Enterprise Security Architects, vendors and engineers to develop and document an effective architecture that aligns with Citi’s architecture principles and overall Enterprise Architecture.
  • Lead a product mgmt. function that engages stakeholders to prioritize features and capabilities in the Cybersecurity Technology roadmap, delivering value and user experience.
  • Build an AI capability that maintains an “agent first” mindset to solve security problems
  • Manage the budget, resource planning, and delivery of end results through executing the functional strategy
  • Leverage the team to rapidly respond to emerging threats, security incidents and critical business activities
  • Lead and securely enable significant business change in complex global environments, managing complex multiple risk dimensions
  • Partner with peer leadership to drive cyber strategy and unify global processes and functions
  • Fulltime
Read More
Arrow Right

Head of product marketing

About Tines Founded in 2018 with co-headquarters in Dublin and Boston, Tines po...
Location
Location
United States , Atlanta
Salary
Salary:
340000.00 USD / Year
remotivatejobs.com Logo
RemotivateJobs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of quota carrying SaaS sales experience
  • Proven track record of sales success with Fortune 1000 customers in the Southeast region
  • Experience selling a technical SaaS solution to technical stakeholders – CISO, CIO, CTO, Head of Engineering, DevOps, IT etc.
  • Ability to prospect for outbound leads and build customer demand and at the same time nurture and develop inbound lead flow
  • Familiar working relationship with relevant regional IT channel partners/Tech Alliances for Tines in the Southeast region
  • Experience in building fresh territories/geo patches from scratch and generating customer demand and opportunities
  • Successful track record of achieving quarterly goals, metrics and objectives
  • Cross-department collaboration experience
  • Coachability and curiosity: open to feedback, learn from mistakes, eager to learn and question the norm
  • A passion to work at an established scale-up company – a desire to make an impact for your team and the company
Job Responsibility
Job Responsibility
  • Build awareness and drive demand for Tines solutions by helping Enterprise users and customers derive value from the Tines automation platform in the Southeast territory
  • Clearly demonstrate and articulate the capabilities, power and value of the Tines automation platform
  • Manage multiple customer opportunities through the sales cycle and close complex transactions
  • Working closely with channel/tech alliances in the Southeast territory to uncover and progress customer opportunities for Tines
  • Uncover fresh and diverse use cases with internal resources such as your allocated BDR, Marketing and Channel Partnerships
  • Actively prospect to supplement the lead flow provided by a dedicated team of Business Development Representatives
  • Partner closely with our Technical Sales Engineering team throughout the sales cycle
  • Collaborate across Tines business functions (Legal, Customer Success, Marketing, etc.) to ensure a world class customer experience
  • Build a strong business plan through customer, partner/channel and community ecosystems to achieve growth within your accounts and specified territory
  • Work closely with Sales Leadership to develop repeatable strategies for new logo acquisition
  • Fulltime
Read More
Arrow Right