Head of IT, Security and Compliance
Stockholm, Sweden
Ready for a new adventure building the next-generation retail experience?
Bambuser is a leading company in live video streaming with a passion for innovation and technology. We strive to deliver top-notch solutions that revolutionize how businesses and consumers interact. With our headquarters in the heart of Stockholm, we offer a dynamic and creative work environment where collaboration and innovation are key. We also have offices in New York, London, Paris, and Tokyo, giving us a global presence and the opportunity to collaborate with colleagues and clients around the world.
We are a leading global SaaS company seeking a dynamic and experienced Head of IT, Security and Compliance to join our team. This strategic role requires deep technical expertise in cybersecurity, information security, and IT infrastructure management. You will be responsible for securing our systems and data, managing our IT infrastructure, and navigating complex compliance requirements like GDPR and ISO 27001. As a hands-on leader with strong communication skills, you will collaborate with internal and external stakeholders to fully meet our security and compliance needs. You will also guide the organization through the evolving global data privacy and security landscape, providing strategic direction across multiple jurisdictions.
Responsibilities:
IT Management:
- Oversee the IT infrastructure (network, servers, end-user devices) and ensure its efficient operation.
- Manage IT vendors and service providers, optimizing costs and service levels.
- Implement and maintain IT policies and procedures to ensure operational excellence.
- Lead system integration projects, ensuring seamless connectivity and data flow across platforms.
- Manage internal hardware assets, including inventory tracking, lifecycle management, and secure disposal.
Cyber Security Management:
- Develop, implement, and manage technical security controls to protect the company’s infrastructure and data.
- Proactively identify and address cybersecurity risks through regular vulnerability assessments, penetration testing, and risk management strategies.
- Lead incident response efforts, minimizing the impact of cyberattacks or breaches.
- Stay up to date on the latest cybersecurity threats and technologies, adapting defensive measures as necessary.
- Implement and manage cybersecurity solutions such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and access control systems.
Information Security Management:
- Develop, implement, and maintain a comprehensive information security program, aligning with industry best practices and compliance requirements (e.g., ISO 27001, GDPR).
- Ensure that security policies, procedures, and controls are in place to protect the organization’s information assets.
- Lead employee security training and awareness programs, fostering a company-wide security-conscious culture.
- Oversee system integrations to ensure secure, seamless interoperability between different platforms.
Compliance Management:
- Ensure ongoing compliance with GDPR, ISO 27001, and other relevant international regulations and standards.
- Manage and address complex compliance questions related to marketing, security, and privacy laws in various countries, ensuring the organization’s practices are aligned with local and global legal requirements.
- Lead the company’s efforts in navigating the complexities of cross-border regulations, ensuring compliance with region-specific laws such as CCPA, PECR, and other national privacy regulations.
- Collaborate with legal teams, business units, and customers to provide clear guidance on marketing practices, data privacy, and security requirements in different regions.
- Manage internal and external security audits, ensuring documentation and evidence of compliance are up-to-date and accessible.
- Maintain accurate and comprehensive documentation of security, privacy, and compliance procedures, adapting them as legal landscapes evolve across different countries.
- Collaborate with legal, business units, and customers on compliance matters.
Customer Facing:
- Serve as the primary point of contact for customers on security and compliance inquiries.
- Align security measures with customer requirements and participate in security assessments.
- Communicate effectively with customers about security policies and procedures, building trust and confidence.
- Maintain up-to-date documentation of security and compliance procedures.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 10+ years of experience in IT security and compliance, with at least 5 years in a leadership role.
- Strong understanding of security frameworks (e.g., NIST, ISO 27001) and relevant regulations (e.g., GDPR).
- Experience with security technologies such as firewalls, intrusion detection/prevention systems, and endpoint security.
- Proven experience in managing system integrations and ensuring seamless interoperability between different systems.
- Strong understanding of hardware lifecycle management and best practices for secure access control.
- Excellent communication, leadership, and problem-solving skills.
- Experience working in a public company environment.
This is Bambuser
Bambuser’s Video Commerce technology drives customer engagement and sales for some of the world’s largest brands and retailers. At the forefront of live streaming technology since 2007, Bambuser launched interactive eCommerce solutions in 2019 and quickly became the platform of choice for companies worldwide. Our team has established long-term partnerships and supported campaign activations for brands and retailers including Adidas, Hugo Boss, brands within the LVMH group, Clarins, Selfridges, Sonos, and many others.
Bambuser values diversity and is proud to be an equal opportunity employer, welcoming individuals from all backgrounds, regardless of where you come from or what you believe.