Cybersecurity Officer

Growe welcomes those who are excited to:

• 
  

  Own end-to-end cybersecurity, information security, and IT security across the company, covering both internal security (breach attempts, internal network monitoring) and product security (product-related threats and risks);

  
  


• 
  

  Define, evolve, and execute the company-wide cybersecurity strategy and security roadmap aligned with business and product priorities;

  
  


• 
  

  Establish and enforce security policies, standards, procedures, and organization-wide security controls;

  
  


• 
  

  Lead security risk management, including risk assessments, risk register ownership, and mitigation planning;

  
  


• 
  

  Ensure compliance with regulatory and industry standards (e.g., GDPR, ISO 27001, SOC 2) and manage internal/external audits;

  
  


• 
  

  Oversee secure architecture across cloud infrastructure, applications, SDLC, and IAM, including review of critical architectural decisions;

  
  


• 
  

  Define and enforce security standards for encryption, key management;

  
  


• 
  

  Own security operations, including monitoring, detection, response capabilities, and incident response for critical (P0/P1) events;

  
  


• 
  

  Drive Application Security and DevSecOps practices (SAST, DAST, SCA, CI/CD security controls, threat modeling) in collaboration with engineering teams;

  
  


• 
  

  Oversee IAM, endpoint, and workforce security, including access control models, EDR strategy, device security, and joiner/mover/leaver processes;

  
  


• 
  

  Lead fraud prevention, vendor security, and internal/external abuse investigation processes, while managing security KPIs, reporting, budget, and team scaling;

  
  


• Manage a large cybersecurity team, including Cloud Security, SOC, Application Security / DevSecOps, Endpoint Security, IAM, and Information Security functions.

We need your professional experience:

• 
  

  7+ years of experience in cybersecurity, including experience in leadership role;

  
  


• 
  

  Strong expertise in cloud security (AWS, GCP, or Azure);

  
  


• 
  

  Solid understanding of application security and secure SDLC practices;

  
  


• 
  

  Hands-on experience with SIEM, EDR, and incident response processes;

  
  


• 
  

  Deep knowledge of identity and access management models (RBAC, ABAC, least privilege);

  
  


• 
  

  Experience working with compliance frameworks such as ISO 27001, SOC 2, and GDPR;

  
  


• 
  

  Proven track record of building and scaling security programs in growing organizations;

  
  


• 
  

  English - upper-intermediate or higher (able to communicate in technical discussions).

  
  

We appreciate if you have those personal features:

• 
  

  Strategic thinker with the ability to translate business needs into security initiatives;

  
  


• 
  

  Hands-on and pragmatic approach, with readiness to dive into technical details when needed;

  
  


• 
  

  Strong ownership mindset and accountability for end-to-end security outcomes;

  
  


• 
  

  Ability to operate in a fast-paced, evolving environment and make data-driven decisions;

  
  


• 
  

  Leadership skills with experience building, mentoring, and scaling teams;

  
  


• 
  

  Strong problem-solving and critical thinking abilities;

  
  


• 
  

  Effective communicator who can clearly articulate complex security topics to diverse audiences.

  
  

We are seeking those who align with our core values:

• 
  

  GROWE TOGETHER: Our team is our main asset. We work together and support each other to achieve our common goals;

  
  


• 
  

  DRIVE RESULT OVER PROCESS: We set ambitious, clear, measurable goals in line with our strategy and driving Growe to success;

  
  


• 
  

  BE READY FOR CHANGE: We see challenges as opportunities to grow and evolve. We adapt today to win tomorrow.