- Lead the migration to the latest version of ISO 27001, ensuring that our security practices are up to contemporary standards.
- Maintain PII, legal, supplier and client registers, overseeing supplier onboarding and conducting risk assessments.
- Be Gorilla's client-facing security expert, handling all security and compliance inquiries from sales to production phases.
- Assist in due diligence procedures during fundraising rounds or during (client) audits.
- Keep the continuous improvement process for our ISMS up and running and be the single point of contact (SPOC) for the organisation, auditors and external parties.
- Spearhead further compliance programs, such as SOC 2 Type II or B Corp, defining controls and ensuring adherence to reporting requirements.
- Provide operational IT support from a security perspective, handling access requests, authentication and authorisation in IT systems.
- Assess, select, and maintain security tools and software, building vendor relationships and negotiating contracts to support our technological growth.
- Assist in IT buying decisions, evaluating the security implications of new software and hardware for compatibility with existing systems.
- Design and implement secure tool configurations and integration workflows, maintaining data integrity and supporting operational efficiency.
- Drive the development of security and IT support policies, delivering training and guidance to all staff to foster a culture of security awareness.