Information Security Manager

Who We Are

Simpplr is the AI-powered platform that unifies the digital workplace – bringing together engagement, enablement, and services to transform the employee experience. It streamlines communication, simplifies interactions, automates workflows, and elevates the everyday experience of work. The platform is intuitive, highly extensible, and built to integrate seamlessly with your existing technology.

More than 1,000 leading organizations – including AAA, the NHS, Penske, and Moderna – trust Simpplr to foster a more aligned and productive workforce. Headquartered in Silicon Valley with global offices, Simpplr is backed by Norwest Ventures, Sapphire Ventures, Salesforce Ventures, and Tola Capital. Learn more at 

JOB DESCRIPTION - INFORMATION SECURITY MANAGER
Job Title:

Information Security Manager

Job Description:

We are hiring an Information Security Manager to support our IT operations and protect our corporate digital assets by developing and implementing security policies, overseeing security systems and leading incident response.

In this role, you'll work at the intersection of IT infrastructure and cloud application including AI-driven product development. You'll be responsible for security policy management, risk register maintenance and business continuity planning and operations. You will also partner with internal stakeholders and external parties for privacy and security audits and certifications..

This is a highly collaborative role that involves excellent collaboration skills with internal and external parties to manage and uplevel Simpplr's security posture and continue Simpplr's demonstrated security leadership position.

Key Responsibilities:

• Develop, implement, and maintain security policies, procedures, and guidelines to protect information assets and to ensure compliance. 
• Assess system vulnerabilities, identify security risks, and implement risk mitigation strategies. Ensure that the risk register is kept up to date.
• Ensure that all IT systems are up to date with required patches and configuration and required controls are in place to manage and monitor corporate devices. 
• Manage and respond to security incidents, conduct investigations and coordinate recovery efforts. 
• Ensure the organization adheres to industry standards and relevant regulations, and conduct regular security audits and security committee meetings. 
• Closely collaborate with internal and external parties to manage internal and external audits towards successful ISO 27001, ISO 27701 and SOC 2 certifications. 
• Data Privacy Framework: Ensure compliance with Data Privacy Framework. 
• Develop and deliver security awareness training to educate employees on best security practices and policies. 
• Manage and support vendor onboarding process including vendor evaluation and security assessment.

Minimum Qualifications:

• 10+ years of experience in IT with a focus on information security.
• Prior experience with managing and orchestrating security audits and certifications (ISO 27001, ISO 27701, SOC 2 at a minimum).
• Prior experience with policies and procedures management.
• Knowledge of controls related to the use, processing, storage, and transmission of data.
• Proficiency in identifying, assessing, and mitigating security risks and maintaining the risk register. 
• Leadership & Management: Ability to lead and manage IT and information security programs. 
• Effectively communicate security risks, policies, and procedures to stakeholders and employees. 
• A bachelor's degree in cybersecurity, computer science, or a related field.

Preferred Qualifications:

• Prior experience with ISO 42001.
• Understanding of data governance and compliance policies in the US, EU, Australia and Canada.
• Certifications like CISM, CISSP, CRISC
• Experience working in SaaS and multi-tenant environments.
  
  

Simpplr's Hub-Hybrid-Remote Model:

At Simpplr we believe that when work is good, life is better and that belief guides all we do. Including how we approach our flexible work model. Simpplr operates with a Hub-Hybrid-Remote model. This model is role-based with exceptions and provides employees with the flexibility that many have told us they want.

• Hub - 100% work from Simpplr office. Role requires Simpplifier to be in the office full-time.
• Hybrid - Hybrid work from home and office. Role dictates the ability to work from home, plus benefit from in-person collaboration on a regular basis. 
• Remote - 100% remote. Role can be done anywhere within your country of hire, as long as the requirements of the role are met. 

---