AddressWe're at a turning point in history. Climate change is changing the world faster than ever before. Utilities will play a crucial role in the transformation of our society to fight climate change and become carbon-neutral, while at the same time making sure people and businesses can continue to use energy supply like they've been used to for so many years.
At Gorilla, we're determined to not stay aside, but to make a real impact on the utility industry by providing data services that allow utilities to play the role they need to play in the quest for a net-zero society. By building something that solves a real problem, and by being the best at what we do.
Your role
As our Information and Security Officer, you'll be a driving force in our scale-up journey. Your multifaceted role is key to strengthening our security and compliance practices, bridging the gap between strategic initiatives and hands-on IT functions.
Your responsibilities
- Lead the migration to the latest version of ISO 27001, ensuring that our security practices are up to contemporary standards.
- Maintain PII, legal, supplier and client registers, overseeing supplier onboarding and conducting risk assessments.
- Be Gorilla's client-facing security expert, handling all security and compliance inquiries from sales to production phases.
- Assist in due diligence procedures during fundraising rounds or during (client) audits.
- Keep the continuous improvement process for our ISMS up and running and be the SPOC for the organisation, auditors and external parties.
- Spearhead further compliance programs, such as SOC 2 Type II or B-CORP, defining controls and ensuring adherence to reporting requirements.
- Provide operational IT support from a security perspective, handling access requests, authentication and authorisation in IT systems.
- Assess, select, and maintain security tools and software, building vendor relationships, and negotiating contracts to support our technological growth.
- Assist in IT buying decisions, evaluating the security implications of new software and hardware for compatibility with existing systems.
- Design and implement secure tool configurations and integration workflows maintaining data integrity and supporting operational efficiency.
- Drive the development of security and IT support policies, delivering training and guidance to all staff to foster a culture of security awareness.
Requirements
- Proven experience as a CISO, preferably in a startup and/or SaaS environment.
- Familiarity with ISO 27001 and SOC 2 compliance standards.
- Exposure to ISO 9001, ISO 14001, B Corp or similar compliance programs.
- Relevant certifications (CISSP, ISO 27001 Lead Auditor/Implementer, etc.) or a strong desire to obtain them.
- Strong technical background with hands-on experience in IT support, systems administration, and Security tools.
- Bachelor’s or master’s degree in Computer Science, Information Systems, or a related field; or equivalent professional experience.
- Excellent problem-solving skills, the ability to make informed decisions quickly, and the agility to handle multiple tasks in a fast-paced startup environment.
Benefits
You become part of an ambitious organisation and an enthusiastic team with a mindset to win! As Gorilla is growing at an incredible pace, you can leave your mark – growing alongside Gorilla.
We actively challenge ourselves and our colleagues, in order to always improve our skills, methodology and capabilities. Lifelong learning is essentially embedded in our organisation, and we care about your individual dreams and ambitions, beyond just work.
On top of that, our remuneration approach is clear and no-nonsense, just like our feedback culture and personal development approach. You’ll be able to join a team from wherever you’d like to work – equipped with the best technology for remote work. We’ll provide access to an office space near you whenever you like, as well as frequent travels to meet your colleagues in person, making sure you’ll never feel lonely.
