Information Security Manager

Aircall International Limited•New York, NY

8d•$180,000 - $200,000

About The Position

Aircall is a unicorn AI-powered customer communications platform used by 22,000+ companies worldwide to drive revenue, faster resolutions, and scale. We're redefining what a customer communications platform can beâby combining voice, SMS, WhatsApp, and AI into one seamless workspace. Our momentum comes from a simple but powerful idea: help every customer-facing team work smarter, not harder. Aircall's AI Voice Agent automates routine calls, AI Assist streamlines post-call tasks, and AI Assist Pro delivers real-time guidance that helps people do their best work. The resultâcompanies grow revenue, deliver faster resolutions, and scale service. We've built a product customers love and a business that scales fast. Aircall operates in nine global offices (Paris, New York, San Francisco, Sydney, Madrid, London, Berlin, Seattle, and Mexico City), and is backed by world-class investors. Our teams are shipping AI innovation faster than ever and expanding across new product lines and markets. At Aircall, you'll join a company in motionâambitious, profitable, and product-drivenâwhere impact is visible, decisions are fast, and growth is real. How We Work at Aircall: At Aircall, we believe in customer obsession, continuous learning, and delivering extraordinary outcomes. We value open collaboration, taking ownership, and making smart, informed decisions with speed and precision. If you thrive in a fast-paced, team-driven environment where curiosity, trust, and impact matter, you'll fit right in Aircall is seeking an experienced Information Security Manager to take ownership of Aircall's information security strategy, governance, and risk management practices. This person will serve as the central coordinating and orchestrating function for all branches of Information Security, ensuring that our security, IT, privacy and product teams are aligned, accountable, and operating against a unified framework. This individual will build and mature our governance, policy, and compliance foundations; ensure readiness against major security frameworks; and drive a security-first culture across the organization. This role will sit within the CTO (Technology) organization, alongside Security & Infrastructure Engineering building the security foundation of a future Governance, Risk & Compliance (GRC) function.

Requirements

8+ years of experience in Information Security, including security governance or GRC leadership roles within SaaS or cloud based companies.
Deep knowledge of SOC 2, ISO 27001, NIST, GDPR, and modern security frameworks.
Hands-on experience with GRC platform (Drata, One Trust, Vanta etc.)
Experience leading cross-functional initiatives and managing multiple stakeholders.
Experience with risk management, vendor security, and policy development.
Proven ability in dealing with incident response and security operations.
Strong communication skills, with experience presenting to executives or boards.

Responsibilities

Develop and maintain the company-wide security strategy, policies, and governance frameworks.
Ensure ongoing compliance with SOC 2, GDPR, NIST.
Determine in conjunction with the other security stakeholders the company's strategy to pursue additional certifications) and other relevant global security standards (e.g., ISO 27001).
Participate in building the Governance, Risk & Compliance (GRC) function, aligning with privacy, compliance, and enterprise risk function; maintaining and executing against a risk matrix
Ensure that each branch of Information Security (Product Security, IT Security, GTM, Vendor Due Diligence, Customer facing topics; Governance, Policies & Audits) is performing its responsibilities effectively and operating in a coordinated manner.
Lead enterprise-wide security risk assessments, gap analyses, and mitigation planning.
Partner closely with Legal/Privacy on regulatory obligations, including GDPR, data residency requirements, and incident reporting.
Oversee vendor risk management and security due diligence, ensuring consistent assessment standards and cross-functional alignment.
Build and manage a scalable vendor security program, including due diligence, remediation, and monitoring.
Maintain and refine incident response policies, workflows, roles, and communication procedures.
Coordinate cross-functional participation during security events, ensuring documentation, communication, and post-incident reporting.
Serve as the point of escalation for major security events.
Ensure clear reporting lines, accountability, and coordination between IT Security and Engineering/Product Security.
Work closely with IT, Product, Engineering, and Data teams to embed security-by-design throughout the development lifecycle.
Manage dotted-line reporting relationships with Security Engineers and IT team members, ensuring unified strategic direction while respecting functional dependencies.
Represent Information Security to the Board, Audit Committee, customers, and regulators, as needed.
Lead company-wide security training and awareness initiatives.
Promote a security-first culture across all functions, ensuring employees understand their role in protecting company and customer data.