The Information Security Manager role is a senior-level position focused on safeguarding a modern SaaS platform while ensuring regulatory compliance and business resilience. This role is ideal for experienced security professionals who are passionate about data protection, risk management, and building secure systems in a fast-growing, remote-first environment.
About the Company
Horizons is building the infrastructure that powers borderless teams. Through its technology, Horizons enables companies to hire anyone, anywhere in the world while remaining fully compliant with global payroll, tax, benefits, and employment regulations.
The company is committed to diversity, inclusion, and equal opportunity, fostering a global and collaborative culture. Being a “Horizoneer” means joining an international team united by the mission of helping people work in their dream jobs, from anywhere in the world.
Responsibilities
- Lead company-wide certification efforts, including SOC2 and ISO 27001
- Coordinate external penetration testing activities
- Complete security questionnaires for customers and partners
- Conduct internal audits against industry-standard security frameworks
- Develop and implement IT security strategies aligned with business objectives
- Maintain and manage the information security risk registry
- Coach internal teams on security and compliance best practices
- Coordinate implementation of security controls with the DevOps team
- Research and recommend new security technologies and improvements
- Ensure compliance with data protection laws and standards such as GDPR
- Identify cyber security risks and potential data breach exposures
- Oversee incident response planning and execution
- Define and track information security goals, metrics, and roadmaps
- Evaluate business impact of security incidents and advise leadership
Requirements
- Bachelor’s degree in Computer Science or a related field
- Minimum of 5 years’ experience in Information Security or IT management roles
- Extensive knowledge of SOC2, ISO 27001, and related security frameworks
- Proven experience developing and implementing security strategies
- Strong project management capabilities
- Excellent written and verbal communication skills
- Professional proficiency in English
Skills
- Strategic thinking and security leadership
- Risk assessment and compliance management
- Strong collaboration with engineering and DevOps teams
- Effective communication and presentation skills
- Ability to manage complex security initiatives
- Ownership mindset with a focus on continuous improvement
Desired Knowledge
- Experience working in startup environments, particularly SaaS products
- Familiarity with third-party security platforms such as Vanta or Tugboat
- Expertise in cloud infrastructure management, preferably AWS
- Understanding of modern cybersecurity threats and mitigation techniques
- Knowledge of scalable security architectures for distributed teams
Benefits
- Competitive salary
- Remote-first or hybrid working environment
- Asynchronous work culture
- Opportunity to work from abroad for short periods
- Career growth and internal development opportunities
- Inclusive, international team culture
- Hardware provided from day one to support remote work success
