Who We Are

Simpplr is the AI-powered intranet for unifying the digital workplace. It brings people, trusted knowledge, apps, and agents into a coherent digital experience. Powered by a proprietary EX Knowledge Graph, Simpplr synthesizes signals and context across connected systems to deliver personalized information and actions. The platform serves as a digital hub supporting communications, engagement, employee services, and work. With low-code extensibility and enterprise-grade security and governance, Simpplr enables confident operation at scale. More than 1,000 organizations — including AAA, the NHS, Penske, and Moderna — trust Simpplr to keep their workforce informed, aligned, and productive. Learn more at simpplr.com.

Job Description:

We are hiring an Information Security Manager to support our IT operations and protect our corporate digital assets by developing and implementing security policies, overseeing security systems and leading incident response.

In this role, you’ll work at the intersection of IT infrastructure and cloud application including AI-driven product development. You’ll be responsible for security policy management, risk register maintenance and business continuity planning and operations. You will also partner with internal stakeholders and external parties for privacy and security audits and certifications..

This is a highly collaborative role that involves excellent collaboration skills with internal and external parties to manage and uplevel Simpplr’s security posture and continue Simpplr’s demonstrated security leadership position.

Key Responsibilities:

Develop, implement, and maintain security policies, procedures, and guidelines to protect information assets and to ensure compliance.
Assess system vulnerabilities, identify security risks, and implement risk mitigation strategies. Ensure that the risk register is kept up to date.
Ensure that all IT systems are up to date with required patches and configuration and required controls are in place to manage and monitor corporate devices.
Manage and respond to security incidents, conduct investigations and coordinate recovery efforts.
Ensure the organization adheres to industry standards and relevant regulations, and conduct regular security audits and security committee meetings.
Closely collaborate with internal and external parties to manage internal and external audits towards successful ISO 27001, ISO 27701 and SOC 2 certifications.
Data Privacy Framework: Ensure compliance with Data Privacy Framework.
Develop and deliver security awareness training to educate employees on best security practices and policies.
Manage and support vendor onboarding process including vendor evaluation and security assessment.

Minimum Qualifications:

8+ years of experience in IT with a focus on information security.
Prior experience with managing and orchestrating security audits and certifications (ISO 27001, ISO 27701, SOC 2 at a minimum).
Prior experience with policies and procedures management.
Knowledge of controls related to the use, processing, storage, and transmission of data.
Proficiency in identifying, assessing, and mitigating security risks and maintaining the risk register.
Leadership & Management: Ability to lead and manage IT and information security programs.
Effectively communicate security risks, policies, and procedures to stakeholders and employees.
A bachelor's degree in cybersecurity, computer science, or a related field.

Preferred Qualifications:

Prior experience with ISO 42001.
Understanding of data governance and compliance policies in the US, EU, Australia and Canada.
Certifications like CISM, CISSP, CRISC
Experience working in SaaS and multi-tenant environments.

Your Voice, Unfiltered:

We value the real you. To ensure a fair and authentic experience for everyone, we ask that you do not use AI tools (such as real-time answer generators, transcription apps, or note-taking bots) during your interview

Our process is designed to hear your unique story, thought process, and lived experience in real-time. Use of unauthorized AI tools may result in disqualification, as we want to ensure every candidate is evaluated on their own individual merits. We’re excited to meet the person behind the resume!

If you need assistive technology or AI tools for accessibility (e.g., live captioning), please notify your recruiter in advance. We are committed to providing an inclusive interview experience.

Simpplr’s Hub-Hybrid-Remote Model:

At Simpplr we believe that when work is good, life is better and that belief guides all we do. Including how we approach our flexible work model. Simpplr operates with a Hub-Hybrid-Remote model. This model is role-based with exceptions and provides employees with the flexibility that many have told us they want.

Hub - 100% work from Simpplr office. Role requires Simpplifier to be in the office full-time.
Hybrid - Hybrid work from home and office. Role dictates the ability to work from home, plus benefit from in-person collaboration on a regular basis.
Remote - 100% remote. Role can be done anywhere within your country of hire, as long as the requirements of the role are met.

Information Security Manager

TLDR