Head of Information Security

Full job description
At FrankieOne, where we revolutionise identity verification and onboarding to be swift, seamless, and scalable, your role as Head of Information Security is crucial. You will ensure that our platform and supporting infrastructure is well protected against external threats, is secure by design and that a strong general security awareness is maintained throughout the organisation. You will provide and execute on a range of security and compliance matters, and further develop FrankieOne’s highly regarded and trusted platform.

We are seeking an experienced InfoSec leader to take over and lead the security, risk and compliance posture of our organisation. The ideal candidate will have a strong technical background in cybersecurity ideally in cloud-based SaaS businesses, a proactive and commercial approach to identifying and mitigating risks, with the ability to collaborate effectively with cross-functional teams. This role offers an exciting opportunity to play a key role in shaping the security strategy of a growing startup.

Reporting to the CFO, the Head of Information Security will be responsible for maintaining and further developing our cyber security and resilience strategy and supporting programmes. You will also ensure we maintain our ISO 27001 compliance and SOC 2 audits, building upon these foundations to take FrankieOne’s security posture into the future.

Your Ticket to Success: Be an advocate.

For FrankieOne, for the product, for our people, and for our values.

You must possess exceptional technical expertise in cybersecurity, coupled with strong leadership, strategic and commercial thinking skills. You should be adept at risk management, incident response, and regulatory compliance, particularly within the context of ISO 27001, SOC 2 and both Australian and international data privacy regulations. Effective communication skills are essential, as the Head of InfoSec must liaise with other senior management, stakeholders, and regulatory bodies. Additionally, a deep understanding of the latest cybersecurity threats and trends, as well as the ability to implement robust security frameworks and policies, is crucial.

Key Responsibilities

Develop and implement a comprehensive information security strategy.
Manage and monitor cybersecurity systems and tools with the support of your team.
Lead review and ensure compliance with financial and privacy regulations and standards.
Lead and ensure the appropriate response to security incidents and breaches, including forensic investigations.
Conduct regular security audits and assessments to identify vulnerabilities.
Collaborate with People, Product, Engineering, IT and other departments to ensure security is integrated into all business processes.
Provide a pragmatic and commercial lens when reviewing security and product decisions.
Evaluate and manage vendors, suppliers and service partners to maintain high standards of security, including contracts and SLAs include appropriate security terms.
Provide regular updates to senior management on security status and risks.
Manage the information security budget and resources effectively.
Train and educate employees on cybersecurity best practices.
Establish and maintain relationships with regulatory bodies and industry organisations. Read more