Salary: $180,000 - 200,000 per year
Requirements:
• Over 8 years of experience in Information Security, particularly in governance or GRC leadership roles within SaaS or cloud-based environments.
• Extensive knowledge of SOC 2, ISO 27001, NIST, GDPR, and contemporary security frameworks.
• Practical experience with GRC platforms (e.g., Drata, OneTrust, Vanta).
• Proven experience in guiding cross-functional initiatives and juggling multiple stakeholders.
• Background in risk management, vendor security, and policy formulation.
• Demonstrated capability in incident response and security operations.
• Excellent communication skills, with a history of presenting to executives or boards.
Responsibilities:
• Craft and uphold the overarching company security strategy, policies, and governance frameworks.
• Ensure continuous compliance with SOC 2, GDPR, and NIST standards.
• Collaborate with security stakeholders to define strategies for pursuing additional certifications and global security standards (e.g., ISO).
• Assist in establishing the Governance, Risk & Compliance (GRC) function, aligning with privacy, compliance, and enterprise risk considerations while managing a risk matrix.
• Guarantee effective performance and coordination among the various branches of Information Security (Product Security, IT Security, GTM, Vendor Due Diligence, Customer-facing topics; Governance, Policies & Audits).
• Lead comprehensive security risk assessments, gap analyses, and develop mitigation plans.
• Work in partnership with Legal/Privacy on regulatory obligations, including GDPR, data residency requirements, and incident reporting.
• Manage vendor risk and security due diligence, ensuring consistent evaluation standards and cross-functional alignment.
• Establish and oversee a robust vendor security program encompassing due diligence, remediation, and monitoring.
• Maintain and enhance incident response policies, workflows, roles, and communication methods.
• Coordinate cross-functional involvement during security incidents, ensuring thorough documentation, communication, and post-incident reporting.
• Act as the escalation point for significant security events.
• Ensure distinct reporting lines, accountability, and coordination between IT Security and Engineering/Product teams.
• Collaborate closely with IT, Product, Engineering, and Data teams to incorporate security-by-design throughout the development process.
• Manage indirect reporting relationships with Security Engineers and IT team members, ensuring cohesive strategic direction while respecting functional obligations.
• Represent Information Security to the Board, Audit Committee, customers, and regulators as necessary.
• Direct company-wide security training and awareness initiatives.
• Cultivate a security-first culture organization-wide, ensuring employees recognize their role in protecting company and customer data.
Technologies:
• AI
• Cloud
• Matrix
• Security
• CTO
• Support
More:
At Aircall, we are a rapidly growing AI-driven customer communications platform, used by over 22,000 businesses globally to enhance revenue, expedite resolutions, and scale service. We operate from nine major offices around the world, supported by esteemed investors. Our dynamic team emphasizes customer-centric innovation and thrives in a fast-paced environment. We offer a competitive salary package, comprehensive health insurance, a generous parental leave policy, and unlimited PTO. We are committed to fostering diversity, equity, and inclusion, ensuring that all voices are heard and valued as we grow together.
Last updated: week 5 of 2026