Head of Information Security, IT, Governance, Risk, and Compliance

Predictive analytics and machine learning power Socure’s groundbreaking technology and fuel our mission to verify 100% of good identities in real time and completely eliminate identity fraud on the internet.

Socure is the world leader in digital identity verification and fraud prevention. Our recent awards include Forbes 2022 America’s Best Startup Employers, The Forbes Cloud 100, The Deloitte Technology Fast 500, and Inc. 5000’s fastest growing companies.

Listen to why some of the world’s top technology investors see the enormous, transformative potential in Socure’s mission and products:

https://www.youtube.com/watch?v=ifM9_jPQCv8

Overview:

Socure is the leading platform for digital identity verification and fraud detection. We harness cutting-edge AI and machine learning to deliver real-time, predictive analytics that help financial institutions, government agencies, and enterprises securely onboard customers and thwart fraud. Trusted by some of the world’s largest organizations, we are on a mission to eliminate identity fraud and build a future where all digital identities are trusted.

As a rapidly growing technology company, Socure is committed to maintaining the highest standards of data security, privacy, and compliance. We are looking for a dynamic and experienced leader to head our Information Security, IT, Governance, Risk, and Compliance (GRC) functions, ensuring that our technology, processes, and policies continue to meet the demands of a fast-evolving regulatory landscape and an ever-changing threat environment.

Position Overview

As the Head of Information Security, IT, GRC, you will be responsible for shaping Socure’s global security and compliance posture. Reporting to the CTO, you will develop and execute a strategic roadmap for information security, IT operations, regulatory compliance, and risk management. This role demands forward-thinking leadership, deep technical expertise, and exceptional stakeholder management skills, ensuring Socure remains an industry leader in safeguarding digital identities.

Key Responsibilities:

Security & Risk Strategy

• Define, implement, and maintain Socure’s overall security strategy and roadmap in alignment with business goals.

• Continuously evaluate emerging threats and industry trends, adapting the security strategy to anticipate and mitigate risks.

Governance & Compliance

• Oversee Socure’s governance frameworks and compliance with relevant regulations and standards (e.g., SOC 2, ISO 27001, GDPR, PCI-DSS).

• Ensure continuous readiness for audits and certifications, partnering closely with external auditors and internal stakeholders

• Develop and maintain company-wide security and compliance policies, ensuring they remain current and well-communicated.

IT Infrastructure & Operations

• Lead the IT function, overseeing day-to-day technology operations, infrastructure, and service delivery to support Socure’s global workforce.

• Collaborate with Engineering, Product, and Data Science teams to ensure secure and efficient deployment of systems, platforms, and applications.

• Manage vendor relationships, contract negotiations, and service-level agreements for critical technology services.

Enterprise Risk Management

• Develop and operationalize a robust risk management program, identifying and assessing key technical, operational, and strategic risks.

• Establish risk thresholds and reporting frameworks to inform executive leadership and guide risk mitigation strategies.

• Ensure a consistent and repeatable process for risk assessments, documentation, and remediation tracking.

Incident Response & Business Continuity

• Oversee security monitoring and incident response processes, including detection, containment, remediation, and post-incident reviews.

• Continuously update and test business continuity and disaster recovery plans to minimize disruption and ensure rapid recovery.

Leadership & Team Building

• Hire, mentor, and develop a high-performing GRC and IT team, fostering a culture of ownership, innovation, and continuous improvement.

• Champion security and compliance best practices across the   organization through training, awareness programs, and effective stakeholder engagement.

Stakeholder Collaboration

• Serve as a key advisor to executive leadership on all matters related to security, IT governance, risk, and compliance.

• Partner with Product and Engineering teams to embed security from design through deployment, ensuring best-in-class security features for our customers.

• Communicate proactively with clients, prospects, partners, and regulatory bodies regarding Socure’s security posture and risk management initiatives.

Qualifications

Education & Certifications

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master’s degree preferred).

• Relevant industry certifications (e.g., CISSP, CISM, CRISC, CISA)
  strongly preferred.

Soft Skills

• Exceptional communication skills, capable of conveying complex technical topics to diverse audiences, including executives, clients, and regulators.

• Strong analytical and problem-solving capabilities, with a data-driven mindset.

• Proven ability to build and maintain relationships across technical and non-technical teams.

Experience

• 10+ years of progressively responsible experience in information security, IT governance, risk management, and compliance roles.

• 5+ years of leadership experience, managing cross-functional teams in a high-growth technology or fintech environment.

• Demonstrated success in developing security programs and achieving major compliance milestones (e.g., SOC 2 Type II, ISO 27001).

Technical & Domain Expertise

• Comprehensive knowledge of security technologies (e.g., SIEM, EDR, network security, identity and access management).

• Strong understanding of cloud platforms (AWS, Azure, or GCP) and modern DevOps practices.

• Familiarity with emerging identity verification standards and fintech-specific compliance requirements a plus.

Socure is all about encouraging people to push the boundaries of what’s possible through top-tier performance, innovation, ownership, and shared expertise.

We empower excellence by providing great perks and benefits to both our fully remote employees in North America and our hybrid teams in India.

To learn more, check out Socure’s Career Page: https://www.socure.com/company/careers

Socure is an equal opportunity employer and value diversity of all kinds at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

To learn more about how our work is changing the world, check out these articles and videos:

• Socure is Forbes' 2022 Best Startup Employer: https://bit.ly/3fbNw8S

• Socure Accelerates Onboarding for 50+ Crypto, Neobanks, and More: https://bit.ly/3dwN2K7

• Socure's Impact on Financial Inclusion: https://www.youtube.com/watch?v=Y6nBc6s1wsU

• Socure's Impact on Fraud Prevention: https://www.youtube.com/watch?v=M46UG8QyKe4

• Archives & Press Releases: https://learn.socure.com/about/press-release

Please note that we do not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Services Agreement, we will not consider, or agree to, payment of any referral compensation or recruiter fee. In the event that a recruiter or agency submits a resume or candidate without a previously signed agreement, we explicitly reserve the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.