Head Of Information Security

About the team

Typeform is a leading provider of innovative survey and data collection solutions, known for our flagship product, Typeform. We empower businesses and organizations worldwide to collect, manage, and analyze data more interactively and engagingly. We are a product led company that processes the information of millions of customers and responders and as a result, takes security seriously.

 

About the role

In your role as Head of Information Security, you are responsible for continuously assessing and improving our information security maturity across all areas of our rapidly expanding business. You will lead a small but mighty team responsible for information security at Typeform.

Your success depends on high-quality risk analysis, risk management, and continued audit compliance. You will play an instrumental role in educating and guiding internal teams, such as Engineering, Product, and IT as well as ensuring that we sell Information Security to our customers and partners.

Supporting, implementing, and operationalizing security within the organization is your responsibility. You'll translate compliance and risk management policies and guidelines into practical product engineering practices. 

What You’ll Do

• Lead a small but mighty Information Security team with a focus on enabling security to support our customers and partners, and internal stakeholders
• Lead the audit activities for our SOC2, ISO27001, 27018, 27017, HIPAA, and GDPR certifications 
• Develop policies for security awareness and compliance
• Develop, implement, and manage robust Information Security Management Systems and ensure company compliance with information security policies.
• Develop and implement a proactive and consistent approach to security, including platform security, product security, corporate security, and physical security.
• Enhance our security policies, procedures, and guidelines continuously by conducting ongoing assessments and analyses.
• Ensure the security of new vendors and suppliers (Monitor closely the activities of external vendors who have access to the internal network)
• Perform the functions of a DPO and HIPAA Security Officer
• Represent Information Security at Typeform on customer calls with Account Executives

 

What do you bring to the table?

• Significant experience in a similar information security leadership position, within a growth B2B SaaS environment
• Hold CISM or other similarly relevant Information Security Certifications
• An understanding of agile software development and secure software development lifecycles.
• Strong communication, critical thinking, and problem-solving skills with a drive to take initiative.
• Experience integrating security into small teams' workflows and experiences
• Certifications and audits with a strong track record
• A meticulous and attention-to-detail approach with a strong process-orientation
• Experience with ISO 27001 and SOC2 Type 2
• It is a plus if you have a university degree in computer security.