Datasite

Head of Information Security & Privacy

USA - NY - New York City - BlueFlame AI Full time

Datasite and its associated businesses are the global center for facilitating economic value creation for companies across the globe, from data rooms to AI deal sourcing and more. Here you’ll find the finest technological pioneers: Datasite, Blueflame AI, Firmex, Grata, and Sherpany. They all, collectively, define the future for business growth.

Apply for one position or as many as you like. Talent doesn’t always just go in one direction or fit in a single box. We’re happy to see whatever your superpower is and find the best place for it to flourish.

Get started now. We look forward to meeting you.

Job Description:

About Us

We’re a fast-growing SaaS company working with clients around the world who trust us with sensitive and privileged data — including proprietary IP, PII, and MNPI. Security and trust sit at the heart of our product and our client relationships.

We’re already SOC 2 Type II certified and now preparing for ISO 27001 while maintaining compliance with GDPR and other global privacy frameworks. As we scale, we’re looking for a Head of Information Security & Privacy to strengthen our security posture, modernize our controls, and help us stay secure without slowing innovation.

The Opportunity

This is a hands-on role for a doer who can design, implement, and run a fit-for-purpose security and privacy program. You’ll work closely with engineering, product and operations to embed best practices across our AWS-based infrastructure and software development lifecycle.

You’ll maintain key certifications, manage risk assessments, handle client security reviews, and help shape a security-first culture as we grow.

Key Responsibilities

  • Own and evolve the information security management system, maintaining SOC 2 Type II and leading the path to ISO 27001 certification.

  • Implement and monitor security controls across AWS, including IAM, KMS, networking, and logging.

  • Partner with engineering to embed security in the SDLC: threat modelling, secure coding, vulnerability management, and DevSecOps practices.

  • Lead risk assessments, incident response, and vendor security reviews, ensuring timely and pragmatic remediation.

  • Maintain and continuously improve security and privacy policies, aligning them with global regulations and client requirements.

  • Support privacy compliance (GDPR, CCPA, and similar), including data mapping, retention, and cross-border transfer considerations.

  • Oversee security reviews and due-diligence requests from clients, auditors, and partners.

  • Stay ahead of emerging threats and regulatory changes, translating them into actionable guidance.

  • Champion security awareness and training across the company.

Requirements

  • 5–8 years’ experience in information security, cloud security, or risk management, ideally within a SaaS environment.

  • Solid knowledge of AWS security architecture and best practices.

  • Experience embedding controls into a modern SDLC (e.g., CI/CD, GitHub Actions, IaC).

  • Working understanding of privacy and data protection frameworks (GDPR, CCPA, etc.).

  • Familiarity with generative AI / LLM architectures and associated security and data-governance risks.

  • Strong communicator who can explain complex security issues in plain business terms.

  • Commercial and pragmatic mindset — able to balance protection with agility.

  • Hands-on, proactive, and comfortable working independently in a fast-moving environment.

  • Relevant certifications (AWS Security Specialty, CISSP, CISM, ISO 27001 Implementer, CIPP/E) a plus.

The base salary range represents the estimated low and high end for this position based on a good faith assessment of the role and market data at the time of posting. Consistent with applicable law, each candidate’s compensation offer may vary and will be determined based on, but not limited to, your geographic region, skills, qualifications, and experience, along with the requirements of the position. This position may be eligible for bonuses, commissions, or overtime if applicable. Benefits include health insurance (medical, dental, vision), a retirement savings plan, paid time off, and other employee benefits. Specific details will be provided during the interview process. Datasite reserves the right to modify this pay range at any time.

$118,800.00 - $207,200.00

Our company is committed to fostering a diverse and inclusive workforce where all individuals are respected and valued. We are an equal opportunity employer and make all employment decisions without regard to race, color, religion, sex, gender identity, sexual orientation, age, national origin, disability, protected veteran status, or any other protected characteristic. We encourage applications from candidates of all backgrounds and are dedicated to building teams that reflect the diversity of our communities.