- Develop and oversee the migration to the latest version of ISO 27001, ensuring our security practices meet contemporary standards and integrate smoothly with our existing processes.
- Maintain PII, legal, supplier and client registers, manage supplier onboarding and perform risk assessments.
- Keep our continuous improvement process for our ISMS up and running and be the SPOC for the organisation, auditors and external parties.
- Evaluate and assess other compliance programs, such as SOC 2 Type II or B-CORP, and take the lead in their implementation, including defining controls and ensuring adherence to reporting requirements.
- Provide operational IT support from a security perspective, including executing access requests, managing authentication and authorisation in IT systems.
- Evaluate, select, and maintain security tools and software, building relationships with vendors, and negotiating contracts to support the startup’s technological growth.
- Assist with IT buying decisions by assessing the security implications of new software and hardware, and ensuring compatibility with existing systems.
- Design and implement secure tool configurations and integration workflows that maintain data integrity and support operational efficiency.
- Support functional configuration of tools and integration workflows that meet business functional requirements.
- Conduct regular security assessments and IT support audits to proactively address vulnerabilities and ensure continuous system and network security.
- Drive the development of security and IT support policies, and deliver training and guidance to all staff to foster a culture of security awareness and best practices.
- Assist in due diligence procedures during fundraising rounds or during (client) audits.