Information Security Lead

Overview

Job Description

Responsibilities

• - Assess and improve security policies and risk posture by reviewing audits, prioritizing key improvements, and ensuring compliance with best practices.
• - Manage security configurations and access controls across Google Workspace, AWS/GCP, and SaaS vendors.
• - Lead security operations and incident response, including monitoring alerts, running tabletop exercises, and implementing MDM, patch management, and Zero Trust initiatives.
• - Drive security awareness and training, working with internal teams to enhance security practices, refine IAM roles, and strengthen data protection.
• - Support IT operations and system security – act as a backup for our Head of IT, assisting with access management, IT troubleshooting, and ensuring secure day-to-day operations.

Required Skills

• - 5+ years of experience in cybersecurity, IT security, or a related field, with a focus on policy development, risk management, and incident response.
• - Strong understanding of identity and access management (IAM), data protection, compliance frameworks (e.g., GDPR, SOC 2, ISO 27001), and security operations.
• - Hands-on experience managing security configurations in Google Workspace, AWS/GCP, and SaaS applications.
• - Experience developing and implementing security policies, including asset management, risk governance, and third-party risk management.
• - Strong communication skills and experience collaborating across IT, legal, and engineering teams.

Benefits

• - 401k with matching contributions
• - Medical/Dental/Vision
• - Flexible Spending Account (FSA)
• - 4 weeks vacation in addition to 13 standard holidays, and personal/sick time
• - Annual education budget for conferences, books, and other professional development opportunities
• - Annual all-company retreat and annual Engineering & Data meetup
• - Field visits to our Country Ops teams in coffee-growing countries such as Colombia, Costa Rica, Ethiopia, and Indonesia