Postdoctoral Research Fellow in Cyber Security driving research impacting cyberpsychology and resilience. Collaborating with industry experts and contributing to educational supervision in a vibrant research group.
About the role
- Lead Information Security program ensuring compliance and protection for AI-powered talent platform. Collaborate with HR and oversee security operations for a global company.
Responsibilities
- Lead the security program for our AI-powered talent platform
- Maintain Beamery's ISO/IEC 42001 certification
- Lead AI risk assessments and impact evaluations for systems processing candidate and employee data
- Embed security-by-design principles in AI development
- Design and maintain enterprise security program aligned with ISO 27001 and SOC 2 Type II
- Lead security operations including vulnerability management, penetration testing, SIEM monitoring, incident response, and business continuity planning
- Oversee cloud security for AWS, Google Cloud, and Azure environments
- Manage vendor security assessments and third-party risk management
- Build security awareness culture through training and ongoing education programs
- Ensure compliance with GDPR, CCPA/CPRA, UK DPA, and emerging global privacy regulations
- Oversee DPIAs for high-risk processing activities, data breach procedures, and data subject rights fulfillment
- Implement privacy controls including data minimization, purpose limitation, and lawful basis documentation
- Manage DPAs with customers and Standard Contractual Clauses for international data transfers
- Partner with HR to align information security controls with internal HR compliance requirements
- Ensure platform compliance with AI hiring regulations (NYC Local Law 144, EU AI Act)
- Collaborate with Product to build transparency and explainability into AI-powered screening tools
- Lead external audits including SOC 2 Type II, ISO 27001, ISO 42001, and customer security assessments
- Maintain audit-ready documentation and monitor evolving regulatory landscape
- Support Sales with security expertise to accelerate deal closure
- Partner with Engineering and Product to translate compliance requirements into scalable technical controls
- Build security and compliance into M&A readiness planning
Requirements
- 10-15 years information security and compliance experience with 5+ years in leadership roles, preferably in B2B SaaS or HR technology
- Deep expertise in ISO 27001, SOC 2, GDPR, and CCPA with proven track record achieving and maintaining certifications
- Strong understanding of AI governance and emerging AI regulations (ISO 42001, EU AI Act) as applied to employment technology
- Hands-on experience with cloud security architecture and DevSecOps practices across AWS, Google Cloud, or Azure
- Demonstrated success building security and compliance programs including policy development, control implementation, and team building
- Experience managing external audits and supporting enterprise sales cycles with security/compliance expertise
- Exceptional communication skills with ability to translate technical concepts for executives, board members, and customers
- Strong business acumen to balance security requirements with business objectives in fast-paced environments.
- CISSP required; CISM, CRISC, or CISA strongly preferred
- CIPM or CIPP/E highly desirable
- Bachelor's degree in Computer Science, Information Security, or related technical field; Master's degree preferred
Benefits
- Diversity and open expression culture
- Support for reasonable adjustments and adaptations during recruitment
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Platform Account Executive driving Platform Cloud product sales at Salesforce. Collaborating closely with Account Owners to deliver insights and achieve sales quotas.
Information Security Intern assisting with components of Benjamin Moore's information security program. Responsibilities include documentation, compliance monitoring, and forensic analysis.
Specialist in Information Security at Lojas Renner responsible for monitoring and addressing security incidents. Collaborating with various teams on data protection strategies and leadership preparation.
Cybersecurity Specialist at Caixa Vida e Previdência ensuring safety in various technology solutions. Collaborating with teams to implement security measures and respond to incidents.
GRC Analyst enhancing governance, risk, and compliance practices within Sword, focusing on cybersecurity standards and configuration management.
Técnico de Segurança do Trabalho at Cia do Treinamento responsible for training clients on safety regulations and conducting safety assessments. Seeking professionals passionate about safety and compliance across Brazil.
Ingénieur en sécurité physique participant à des projets d’envergure au sein de Stantec. Analysant besoins, concevant systèmes de sécurité et préparant documentation technique.
System Security Engineer strengthening cybersecurity posture across on - premise and hybrid environments. Focused on Windows infrastructure security, identity management, and compliance.
Security Testing Lead overseeing application security testing activities at Computer World Services. Ensuring continuous identification and remediation of application security risks through dynamic testing methods.