We are looking for a Head of Information Security and Systems Management with proven experience building an information security function in a rapidly scaling tech company, ideally with a fully distributed workforce. This role will shape our security and systems strategy, ensuring our infrastructure matures as we scale and that our global team’s work environments meet high security standards.You will tackle challenges around expanding systems and processes, implement best practices, and unify all information security domains. With strong organizational support, resources, and a reliable, experienced team, you will be the key decision-maker for security. You will also work closely with leaders across the company — including HR, the CEO, and the MD — to build integrated processes and drive company-wide adoption of security initiatives.Key ResponsibilitiesIdentity & Access Management (IAM): Responsibility for centralized access management, including developing and maintaining a robust RBAC model. Oversee access granting, revocation, and periodic access reviews. Ensure proper configuration of SSO, MFA, and least-privilege policies. Conduct account audits and monitor for privilege misuse or anomalies.Team Management: Build and lead a scalable security team, managing budget, resources, hiring, and mentorship. Set strategic direction, ensure the team can meet organizational security needs, and maintain resilience through succession planning and cross-training.Application Security: Embed security into the software development lifecycle by securing application architecture with the Head of Development. Implement DevSecOps, protect secrets and IP, use SAST/DAST, perform threat modeling, and regularly review third-party libraries and services to prevent vulnerabilities and ensure secure deployment.Infrastructure Security: Protect the company’s IT infrastructure through secure network architecture, segregation, server and endpoint hardening, and patching policies. Work closely with the Head of Infrastructure and Networks, with strong focus on cloud security, to prevent vulnerabilities and ensure secure operation across all infrastructure components.Incidents Monitoring & Response: Implement a SIEM for real-time monitoring, build a SOC, and establish response processes for proactive detection and fast, effective resolution of security incidents. Continuously improve incident management capabilities.