Cognitive Collective


Head of Information Security, IT, Governance, Risk, and Compliance

Socure

IT, Legal
United States · Remote
Posted on Jun 30, 2025

Why Socure?

At Socure, we’re on a mission—to verify 100% of good identities in real time and eliminate identity fraud from the internet.

Using predictive analytics and advanced machine learning trained on billions of signals to power RiskOS™, Socure has created the most accurate identity verification and fraud prevention platform in the world. Trusted by thousands of leading organizations—from top banks and fintechs to government agencies—we solve real, high-impact problems at scale. Come join us!

About the Role

We are looking for a dynamic and experienced leader to head our Information Security, IT, Governance, Risk, and Compliance (GRC) functions, ensuring that our technology, processes, and policies continue to meet the demands of a fast-evolving regulatory landscape and an ever-changing threat environment. You will be responsible for shaping Socure’s global security and compliance posture. Reporting to the CTO, you will develop and execute a strategic roadmap for information security, IT operations, regulatory compliance, and risk management. This role demands forward-thinking leadership, deep technical expertise, and exceptional stakeholder management skills, ensuring Socure remains an industry leader in safeguarding digital identities.

What You'll Do

Security & Risk Strategy

  • Define, implement, and maintain Socure’s overall security strategy and roadmap in alignment with business goals.

  • Continuously evaluate emerging threats and industry trends, adapting the security strategy to anticipate and mitigate risks.

Governance & Compliance

  • Oversee Socure’s governance frameworks and compliance with relevant regulations and standards (e.g., SOC 2, ISO 27001, GDPR, PCI-DSS).

  • Ensure continuous readiness for audits and certifications, partnering closely with external auditors and internal stakeholders.

  • Develop and maintain company-wide security and compliance policies, ensuring they remain current and well-communicated.

IT Infrastructure & Operations

  • Lead the IT function, overseeing day-to-day technology operations, infrastructure, and service delivery to support Socure’s global workforce.

  • Collaborate with Engineering, Product, and Data Science teams to ensure secure and efficient deployment of systems, platforms, and applications.

  • Manage vendor relationships, contract negotiations, and service-level agreements for critical technology services.

Enterprise Risk Management

  • Develop and operationalize a robust risk management program, identifying and assessing key technical, operational, and strategic risks.

  • Establish risk thresholds and reporting frameworks to inform executive leadership and guide risk mitigation strategies.

  • Ensure a consistent and repeatable process for risk assessments, documentation, and remediation tracking.

Incident Response & Business Continuity

  • Oversee security monitoring and incident response processes, including detection, containment, remediation, and post-incident reviews.

  • Continuously update and test business continuity and disaster recovery plans to minimize disruption and ensure rapid recovery.

Leadership & Team Building

  • Hire, mentor, and develop a high-performing GRC and IT team, fostering a culture of ownership, innovation, and continuous improvement.

  • Champion security and compliance best practices across the organization through training, awareness programs, and effective stakeholder engagement.

Stakeholder Collaboration

  • Serve as a key advisor to executive leadership on all matters related to security, IT governance, risk, and compliance.

  • Partner with Product and Engineering teams to embed security from design through deployment, ensuring best-in-class security features for our customers.

  • Communicate proactively with clients, prospects, partners, and regulatory bodies regarding Socure’s security posture and risk management initiatives.

What You Bring

  • 10+ years of progressively responsible experience in information security, IT governance, risk management, and compliance roles.

  • 5+ years of leadership experience, managing cross-functional teams in a high-growth technology or fintech environment.

  • Demonstrated success in developing security programs and achieving major compliance milestones (e.g., SOC 2 Type II, ISO 27001).

  • Comprehensive knowledge of security technologies (e.g., SIEM, EDR, network security, identity and access management).

  • Strong understanding of cloud platforms (AWS, Azure, or GCP) and modern DevOps practices.

  • Familiarity with emerging identity verification standards and fintech-specific compliance requirements a plus.

Qualifications

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master’s degree preferred).

  • Relevant industry certifications (e.g., CISSP, CISM, CRISC, CISA) strongly preferred.

  • Exceptional communication skills, capable of conveying complex technical topics to diverse audiences, including executives, clients, and regulators.

  • Strong analytical and problem-solving capabilities, with a data-driven mindset.

  • Proven ability to build and maintain relationships across technical and non-technical teams.

Socure is an equal opportunity employer and values diversity of all kinds at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
