Socure is the leading platform for digital identity verification and trust. Its predictive analytics platform applies artificial intelligence and machine learning techniques with trusted online/offline data intelligence from email, phone, address, IP, device, velocity, and the broader internet to verify identities in real time. The company has more than 2,000 customers across the financial services, government, gaming, healthcare, telecom, and e-commerce industries, including four of the top five banks, seven of the top 10 card issuers, three of the top MSBs, the top payroll provider, the top credit bureau, the top online gaming operator, the top Buy Now, Pay Later (BNPL) providers, and over 250 of the largest fintechs. Marquee customers include Chime, SoFi, Varo, Robinhood, Public, Stash, Gusto, and DraftKings. Socure customers have become investors in the company including Citi Ventures, Capital One Ventures, MVB Bank, and Synchrony. Additional investors include Accel, T. Rowe Price, Bain Capital Ventures, Tiger Global, Commerce Ventures, Scale Venture Partners, Sorenson, Flint Capital, Two Sigma Ventures, and others. Socure has received numerous industry awards and accolades, including named to the 2021 & 2022 Forbes Cloud 100 List, Forbes’ Fintech 50 List 2021, and Forbes’ America’s Best Startup Employers 2021, being named to CB Insights: The Fintech 250 for the third year in a row, being awarded Best New Technology Introduced Over the Last 12 Months—Data and Data Services at the 2020 American Financial Technology Awards (AFTAs), being ranked number 70 in Deloitte’s Technology Fast 500™, being listed as a Gartner Cool Vendor, being recognized by Forbes as one of the Top 25 Machine Learning Startups to Watch, being awarded Finovate’s Award for Best Use of AI/ML, to name a few. Founder/CEO Johnny Ayers has also been recognized by Goldman Sachs as one of the 100 Most Intriguing Entrepreneurs of 2021 and as an EY Entrepreneur of the Year 2022.

Predictive analytics and machine learning power Socure’s groundbreaking technology and fuel our mission to verify 100% of good identities in real time and completely eliminate identity fraud on the internet.

Socure is the world leader in digital identity verification and fraud prevention. Our recent awards include Forbes 2022 America’s Best Startup Employers, The Forbes Cloud 100, The Deloitte Technology Fast 500, and Inc. 5000’s fastest growing companies.

Listen to why some of the world’s top technology investors see the enormous, transformative potential in Socure’s mission and products:

https://www.youtube.com/watch?v=ifM9_jPQCv8

Overview:

Socure is the leading platform for digital identity verification and fraud detection. We harness cutting-edge AI and machine learning to deliver real-time, predictive analytics that help financial institutions, government agencies, and enterprises securely onboard customers and thwart fraud. Trusted by some of the world’s largest organizations, we are on a mission to eliminate identity fraud and build a future where all digital identities are trusted.

As a rapidly growing technology company, Socure is committed to maintaining the highest standards of data security, privacy, and compliance. We are looking for a dynamic and experienced leader to head our Information Security, IT, Governance, Risk, and Compliance (GRC) functions, ensuring that our technology, processes, and policies continue to meet the demands of a fast-evolving regulatory landscape and an ever-changing threat environment.

Position Overview

As the Head of Information Security, IT, GRC, you will be responsible for shaping Socure’s global security and compliance posture. Reporting to the CTO, you will develop and execute a strategic roadmap for information security, IT operations, regulatory compliance, and risk management. This role demands forward-thinking leadership, deep technical expertise, and exceptional stakeholder management skills, ensuring Socure remains an industry leader in safeguarding digital identities.

Key Responsibilities:

Security & Risk Strategy

Define, implement, and maintain Socure’s overall security strategy and roadmap in alignment with business goals.
Continuously evaluate emerging threats and industry trends, adapting the security strategy to anticipate and mitigate risks.

Governance & Compliance

Oversee Socure’s governance frameworks and compliance with relevant regulations and standards (e.g., SOC 2, ISO 27001, GDPR, PCI-DSS).
Ensure continuous readiness for audits and certifications, partnering closely with external auditors and internal stakeholders
Develop and maintain company-wide security and compliance policies, ensuring they remain current and well-communicated.

IT Infrastructure & Operations

Lead the IT function, overseeing day-to-day technology operations, infrastructure, and service delivery to support Socure’s global workforce.
Collaborate with Engineering, Product, and Data Science teams to ensure secure and efficient deployment of systems, platforms, and applications.
Manage vendor relationships, contract negotiations, and service-level agreements for critical technology services.

Enterprise Risk Management

Develop and operationalize a robust risk management program, identifying and assessing key technical, operational, and strategic risks.
Establish risk thresholds and reporting frameworks to inform executive leadership and guide risk mitigation strategies.
Ensure a consistent and repeatable process for risk assessments, documentation, and remediation tracking.

Incident Response & Business Continuity

Oversee security monitoring and incident response processes, including detection, containment, remediation, and post-incident reviews.
Continuously update and test business continuity and disaster recovery plans to minimize disruption and ensure rapid recovery.

Leadership & Team Building

Hire, mentor, and develop a high-performing GRC and IT team, fostering a culture of ownership, innovation, and continuous improvement.
Champion security and compliance best practices across the organization through training, awareness programs, and effective stakeholder engagement.

Stakeholder Collaboration

Serve as a key advisor to executive leadership on all matters related to security, IT governance, risk, and compliance.
Partner with Product and Engineering teams to embed security from design through deployment, ensuring best-in-class security features for our customers.
Communicate proactively with clients, prospects, partners, and regulatory bodies regarding Socure’s security posture and risk management initiatives.

Qualifications

Education & Certifications

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master’s degree preferred).
Relevant industry certifications (e.g., CISSP, CISM, CRISC, CISA)
strongly preferred.

Soft Skills

Exceptional communication skills, capable of conveying complex technical topics to diverse audiences, including executives, clients, and regulators.
Strong analytical and problem-solving capabilities, with a data-driven mindset.
Proven ability to build and maintain relationships across technical and non-technical teams.

Experience

10+ years of progressively responsible experience in information security, IT governance, risk management, and compliance roles.
5+ years of leadership experience, managing cross-functional teams in a high-growth technology or fintech environment.
Demonstrated success in developing security programs and achieving major compliance milestones (e.g., SOC 2 Type II, ISO 27001).

Technical & Domain Expertise

Comprehensive knowledge of security technologies (e.g., SIEM, EDR, network security, identity and access management).
Strong understanding of cloud platforms (AWS, Azure, or GCP) and modern DevOps practices.
Familiarity with emerging identity verification standards and fintech-specific compliance requirements a plus.

Socure is all about encouraging people to push the boundaries of what’s possible through top-tier performance, innovation, ownership, and shared expertise.

We empower excellence by providing great perks and benefits to both our fully remote employees in North America and our hybrid teams in India.

To learn more, check out Socure’s Career Page: https://www.socure.com/company/careers

Socure is an equal opportunity employer and value diversity of all kinds at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

To learn more about how our work is changing the world, check out these articles and videos:

Socure is Forbes' 2022 Best Startup Employer: https://bit.ly/3fbNw8S
Socure Accelerates Onboarding for 50+ Crypto, Neobanks, and More: https://bit.ly/3dwN2K7
Socure's Impact on Financial Inclusion: https://www.youtube.com/watch?v=Y6nBc6s1wsU
Socure's Impact on Fraud Prevention: https://www.youtube.com/watch?v=M46UG8QyKe4
Archives & Press Releases: https://learn.socure.com/about/press-release

Please note that we do not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Services Agreement, we will not consider, or agree to, payment of any referral compensation or recruiter fee. In the event that a recruiter or agency submits a resume or candidate without a previously signed agreement, we explicitly reserve the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.

Head of Information Security, IT, Governance, Risk, and Compliance

Offer summary

Qualifications:

Key responsabilities:

Job description

Enterprise Risk Management

Required profile

Experience

Hard Skills

Other Skills

Head of Cybersecurity Related jobs

Cybersecurity Intern

Cybersecurity Referent (m/w/d)

Cybersecurity Referent (m/w/d)

CyberSecurity