Tech Stack
Tools & technologies: AWS, Azure, Cloud
About the role
Key responsibilities & impact
- Set up and drive the overall information security strategy.
- Own the ISMS standards and their adoption, ensuring compliance with company and external requirements including SOC 2 and ISO 27001.
- Organise and manage ISMS-related scheduled activities and drive continuous improvement of the ISMS.
- Contribute to security architecture and design decisions.
- Oversee security tooling such as EDR, SIEM, MFA, password managers, device management, and access review processes.
- Act as the primary escalation point, during and outside business hours, for all major security-related incidents and events.
- Coordinate and manage corrective actions and responses to security incidents.
- Own security documentation, including policies, standards, exceptions, risk registers, and control evidence.
- Oversee the internal risk-assessment and audit programme, supporting internal and external audits, remediating findings, and tracking control improvements to closure.
- Support vendor and supplier risk management, including due diligence, sub-processor oversight, and security assessments.
- Own the access control process, validate and audit access across divisions and functions.
- Provide management reporting on risk posture, incidents, audit status, metrics, service trends, and improvement plans.
- Work with engineering, DevOps, HR, and customer-facing teams to embed controls into everyday processes.
- Drive ongoing security governance improvements.
- Address data privacy and data protection concerns, and manage responses to customer data privacy requests.
- Act as Data Protection Officer (DPO) for the organisation if and as required.
- Help enforce security policies, building adoption, embedding them in the company culture, and introducing regular checks on departmental compliance.
- Own and deliver security awareness training and campaigns to strengthen the security culture.
- Complete security-related sections of RFPs and customer questionnaires, build and maintain a security knowledge base, and provide assurance of the integrity, confidentiality, and availability of information owned, controlled, and processed by the organisation.
- Attend meetings with customers and prospects to provide insights into how HICX implements security across the organisation.
- Manage a small team of IT support admins providing internal IT support to HICX employees and contractors.
- Act as the escalation point for complex IT issues, incidents, and problems requiring cross-team coordination.
- Ensure IT support activities align with security controls, access management, and acceptable use requirements.
- Oversee onboarding, offboarding, account lifecycle management, and device provisioning/deprovisioning.
- Own and maintain standard operating procedures and the operations platform.
- Help balance usability, cost, and security when selecting or renewing SaaS and IT tools.
- Carry out other reasonable duties as required by the Company.
Requirements
What you’ll need
- Excellent track record of leading security audits: ISO 27001, SOC 2, Cyber Essentials Plus.
- Proven experience in a senior information security leadership role (Head of Security, Information Security Manager, or similar), ideally within a SaaS or technology business.
- Demonstrable experience building, operating, and maturing an ISMS, including achieving and maintaining SOC 2 and ISO 27001 certification.
- Strong, hands-on knowledge of security tooling and controls: EDR, SIEM, MFA, identity and access management, device/endpoint management, and vulnerability management.
- Solid understanding of cloud security (AWS, Azure, and Microsoft 365 admin suite).
- Experience leading end-to-end security incident response, including out-of-hours management of major incidents.
- Knowledge of UK GDPR/GDPR and global data protection laws, with experience acting as, or working closely with, a Data Protection Officer.
- Experience of third-party, vendor, and supplier risk management, including due diligence and sub-processor oversight.
- Experience completing customer security questionnaires and RFPs, maintaining a security knowledge base, and presenting security posture to customers and prospects.
- Excellent communication skills, with the ability to translate technical risk into clear business language for technical and non-technical audiences, including executives and customers.
- Strong leadership and people-management skills, with a track record of developing and motivating a small team.
- Pragmatic, risk-based mindset that balances security with business enablement, usability, and cost.
- Highly organised, self-motivated, and comfortable working autonomously within a fully remote, international team.
- Collaborative and influential, able to embed a strong security culture across the whole organisation.
- Relevant professional certification is desirable (e.g. CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor).
- Experience managing internal IT operations and a small IT support team, onboarding/offboarding, account lifecycle, device provisioning, and SaaS administration is desirable.
Benefits
Comp & perks
- You must be based in Bucharest, Romania for this role; however, you can work remotely from this location.
- Flexible PTO - We offer 25 days of paid holiday per year + 3 Public Holidays.
- We celebrate special occasions with you - like your birthday! Additional PTO for all employees during their birthdays.
- Receive Competitive Pay - Our team makes sure to provide a highly competitive rate based on your skills and location.
- Work with a diverse, international team.
