Director of Information Security ID43394

AgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people-first culture has earned us multiple Best Place to Work awards.

WHY JOIN US If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!

ABOUT THE ROLE As Director of Information Security,

you’ll shape and lead the organization’s global security strategy, ensuring data protection, regulatory compliance, and resilience across all systems. This role offers the opportunity to build and scale a world-class ISMS, influence cross-functional security initiatives, and foster a culture of proactive risk management. You’ll make a lasting impact by aligning cutting-edge InfoSec practices with business growth and innovation.

WHAT YOU WILL DO - Own and continuously improve the company’s Information Security Management System (ISMS) and associated frameworks, policies, and procedures; - Oversee implementation of technical, administrative, and physical security controls across all environments; - Lead risk management, incident response, and vulnerability management programs, ensuring timely detection, containment, and remediation of threats; - Guide compliance initiatives, including maintenance of ISO/IEC 27001 certification; - Partner with Engineering and IT to embed security-by-design practices in product development and infrastructure; - Present security posture, risks, and key metrics to executive leadership and stakeholders; - Promote a company-wide security awareness and training program to strengthen security culture.

MUST HAVES -

8+ years

of progressive experience in information security , including 3+ years in a senior leadership or management role ; - Proven experience building and scaling a security program in

a cloud-first or SaaS environment ; -

Strong knowledge of ISO/IEC 27001 and risk management methodologies ; - Excellent leadership, communication, and stakeholder management skills, with the ability to translate complex technical issues into business language; -

Hands-on understanding of cloud security and modern DevSecOps practices ; - Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field; - Upper-intermediate or higher

English

proficiency.

NICE TO HAVES - Relevant certifications (CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor) are a plus; - Experience implementing Privacy Information Management Systems (ISO/IEC 27701) or SOC 2 Type II; - Background in application security, threat modeling, or red/blue team operations; - Familiarity with security automation, SIEM/SOAR, and modern monitoring technologies.

PERKS AND BENEFITS -

Professional growth:

Mentorship, TechTalks, and personalized growth roadmaps. -

Competitive compensation:

USD-based pay with education, fitness, and team activity budgets. -

Exciting projects:

Modern solutions with Fortune 500 and top product companies. -

Flextime:

Flexible schedule with remote and office options.