IT & Information Security Manager

Bringg is looking for a hands-on IT & Security Manager to lead our internal IT systems and support company-wide information security. 
This "one-man-show" role is perfect for someone who enjoys being strategic and tactical - setting direction for IT, making key decisions, and rolling up their sleeves when issues arise.

You’ll be the go-to person for IT support, security best practices, and system improvements, helping the company run smoothly and securely every day.

Key Responsibilities

Information Security & Risk

• Build and maintain a pragmatic information security and IT risk management program aligned with business priorities.
• Lead security risk assessments and drive remediation in partnership with engineering, IT, and business teams.
• Define and maintain security policies, standards, and secure-by-design practices in collaboration with our Product House organization.
• Promote security awareness and accountability across the company, including ownership of employee security training programs. 

IT Ownership

• Own Bringg’s internal IT environment, including identity and access management (e.g., Okta), Google Workspace, endpoints, and core SaaS tools.
• Ensure smooth employee onboarding and offboarding.
• Act as a point of escalation for IT issues and access problems, including hands-on work.
• Manage external IT service providers and helpdesk vendors, including SLAs and escalation.

Security Operations

• Own the overall effectiveness of security monitoring, detection, and response.
• Design and maintain preventive controls, processes, and readiness measures to reduce the likelihood and impact of data security incidents.
• Ensure vulnerabilities, findings, and incidents are identified, prioritized, and addressed.
• Lead preparation for security incidents, including incident response planning, tabletop exercises, and coordination with Legal, Product House, and external partners.
• Stay current on emerging threats and translate them into practical, risk-based improvements for the business.

Audits, Customers & Vendors

• Lead security audits and certifications (e.g., SOC 2, ISO 27001) and serve as the primary contact for auditors.
• Personally own customer security questionnaires and security discussions.
• Partner closely with Legal on privacy, regulatory, and contractual security matters.
• Oversee the IT and security budget and manage relevant vendors and advisors.

Experience & Qualifications

• 8+ years of experience across IT operations and information security, preferably in a SaaS or cloud environment.
• Hands-on experience with enterprise IT systems (e.g., Google Workspace, Okta) and security governance frameworks (SOC 2, ISO 27001).
• Experience supporting audits, certifications, and customer security requirements.
• Ability to manage vendors and drive outcomes through others.
• Strong communication skills and sound judgment in balancing risk, speed, and practicality.
• Security certifications (e.g., CISSP, CISM) are a plus, not a requirement.
• Full professional proficiency in English is required.

How This Role Works

• You are a visible and trusted partner to the business on IT and security matters, bringing context, judgment, and practical perspective.
• You are responsible for designing and running an IT and security operating model that is resilient, accountable, and provides excellent service to the business.
• You decide how work is structured, where external support makes sense, and how vendors and tools are combined to form a robust, reliable IT and security function.
• While you are deeply knowledgeable and hands-on when needed, success is measured by clarity, responsiveness, and resilient systems, not heroics.

Why This Role Matters

This role sits at the intersection of employee experience, operational resilience, and customer trust. You will be trusted to make decisions, protect the company and its customers, and build systems that scale, while remaining a visible and approachable partner to the business.