IT & Information Security Manager

Bringg is looking for a hands-on IT & Security Manager to lead our internal IT systems and support company-wide information security. 
This "one-man-show" role is perfect for someone who enjoys being strategic and tactical - setting direction for IT, making key decisions, and rolling up their sleeves when issues arise.

You’ll be the go-to person for IT support, security best practices, and system improvements, helping the company run smoothly and securely every day.

Key Responsibilities

Information Security & Risk

• Build and maintain a pragmatic information security and IT risk management program aligned with business priorities.
• Lead security risk assessments and drive remediation in partnership with engineering, IT, and business teams.
• Define and maintain security policies, standards, and secure-by-design practices in collaboration with our Product House organization.
• Promote security awareness and accountability across the company, including ownership of employee security training programs. 

IT Ownership

• Own Bringg’s internal IT environment, including identity and access management (e.g., Okta), Google Workspace, endpoints, and core SaaS tools.
• Ensure smooth employee onboarding and offboarding.
• Act as a point of escalation for IT issues and access problems, including hands-on work.
• Manage external IT service providers and helpdesk vendors, including SLAs and escalation.

Security Operations

• Own the overall effectiveness of security monitoring, detection, and response.
• Design and maintain preventive controls, processes, and readiness measures to reduce the likelihood and impact of data security incidents.
• Ensure vulnerabilities, findings, and incidents are identified, prioritized, and addressed.
• Lead preparation for security incidents, including incident response planning, tabletop exercises, and coordination with Legal, Product House, and external partners.
• Stay current on emerging threats and translate them into practical, risk-based improvements for the business.

Audits, Customers & Vendors

• Lead security audits and certifications (e.g., SOC 2, ISO 27001) and serve as the primary contact for auditors.
• Personally own customer security questionnaires and security discussions.
• Partner closely with Legal on privacy, regulatory, and contractual security matters.
• Oversee the IT and security budget and manage relevant vendors and advisors.

Experience & Qualifications

• 8+ years of experience across IT operations and information security, preferably in a SaaS or cloud environment.
• Hands-on experience with enterprise IT systems (e.g., Google Workspace, Okta) and security governance frameworks (SOC 2, ISO 27001).
• Experience supporting audits, certifications, and customer security requirements.
• Ability to manage vendors and drive outcomes through others.
• Strong communication skills and sound judgment in balancing risk, speed, and practicality.
• Security certifications (e.g., CISSP, CISM) are a plus, not a requirement.
• Full professional proficiency in English is required.

How This Role Works

• You are a visible and trusted partner to the business on IT and security matters, bringing context, judgment, and practical perspective.
• You are responsible for designing and running an IT and security operating model that is resilient, accountable, and provides excellent service to the business.
• You decide how work is structured, where external support makes sense, and how vendors and tools are combined to form a robust, reliable IT and security function.
&l