Head of IT & InfoSec

Stelfox Ltd
13 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
JIRA
Azure
Cloud Computing
Information Systems
Data Security
Data Sharing
Disaster Recovery
Middleware
Identity and Access Management
IT Management
Information Technology Operations
Microsoft Dynamics
Netsuite
Sage Accounting
SAP Business One
Service-Oriented Architecture
Security Information and Event Management
Software Vulnerability Management
Information Security Management System
Data Classification
Odoo
Information Technology
CIS Benchmarks
Data Pipelines
ServiceNow

Job description

This is a hands-on role: the Corporate IT team is small (a Director of ERP Systems, an IT Solutions Architect and an IT Manager), so we are looking for individuals who are not afraid of a fast-paced, growing environment. This is not a Head of IT role in a large corporate organisation with large IT operations. It is, however, a high-impact role: you will report to the CEO/co-founder and get the chance to take ownership of all IT & information security across global operations (U.S., EMEA, APAC).

  • You will be responsible for data security governance, IT infrastructure, Cloud Ops and technology service delivery across global operations.
  • Own the company's information security program (Key requirement) - ISO 27001
  • Own IT infrastructure, tooling and operational support landscape that underpins the business.
  • Partner with a peer director who owns the ERP & Warehouse management systems for the business so there is collaboration to ensure enterprise systems and IT infrastructure operate as a unified, secure and scalable technology function.
  • Own and manage the ISO 27001 Information Security Management System (ISMS) end-to-end - including scope definition, risk assessment methodology, Statement of Applicability (SoA), control implementation, internal audit program, and management review cycles.
  • Drive ISO 27001 certification readiness and maintain ongoing compliance: lead surveillance audits, recertification cycles, corrective action tracking, and continuous improvement of ISMS controls.
  • Own regulatory compliance posture including SOC 2, GDPR, CCPA, and industry-specific requirements; lead audit preparation and remediation.
  • Establish and manage the incident response plan, business continuity / disaster recovery (BC/DR) programs, and security incident escalation procedures.
  • Conduct ongoing risk assessments, vulnerability management, penetration testing programs, and third-party security reviews.
  • Implement and govern identity and access management (IAM), data classification, encryption standards, and endpoint protection across the enterprise.
  • Lead security awareness training and foster a culture of security-first thinking across the organization.
  • Evaluate, select, and manage SIEM, EDR, DLP, and other security tooling.

Requirements

  • 10+ years of progressive IT leadership experience in enterprise environments with exposure to ERP and WMS platforms (as owner, stakeholder, or infrastructure partner).
  • 5+ years of hands-on responsibility for data security governance, compliance programs, and risk management.
  • Direct experience managing an ISO 27001 ISMS program - must have led or co-led at least one full certification cycle and managed ongoing surveillance/recertification audits and enforcement.
  • Strong working knowledge of enterprise WMS platforms in distribution, fulfillment, or manufacturing environments; direct ownership not required but must understand operational dependencies.
  • Experience managing IT operations across multiple geographies - international experience required.
  • 3+ years managing and developing IT teams of 5+ direct and indirect reports.
  • Working fluency in enterprise ERP platforms (e.g. NetSuite, SAP Business One, Sage Intacct, Odoo, Microsoft Dynamics) - sufficient to partner effectively on security, infrastructure, and integration decisions without owning the platform directly.
  • Familiarity with WMS platforms and warehouse technology (barcode systems, pick/pack/ship workflows, 3PL integrations) from an infrastructure and security perspective.
  • Deep operational knowledge of ISO 27001 ISMS lifecycle: risk treatment plans, Annex A controls mapping, internal audit execution, nonconformity management, and management review reporting. Fluency in complementary frameworks (NIST CSF, SOC 2, CIS Controls) required.
  • Experience with cloud infrastructure (GCP, AWS, or Azure) including networking, IAM, and security configurations.
  • Working knowledge of API integration patterns, middleware platforms, and data pipeline architecture.
  • Familiarity with ITSM frameworks (ITIL) and tools (Jira Service Management, ServiceNow, or equivalent).

Education & Certifications

  • Bachelor's degree in Information Technology, Computer Science, Information Systems, or related field (Master's preferred).
  • Industry certifications preferred: ISO 27001 Lead Implementer or Lead Auditor, CISSP, CISM, CISA, ITIL Foundation, or equivalent.

This is an opportunity to come in and own enterprise IT for the organisation as the company continues to grow. This role will require some occasional travel (10-15%) to other office locations; however, the CEO and others spend significant periods of time based in Ireland as they work between Ireland and the U.S.

If you are a Senior IT Manager / Head of IT or equivalent who has directly owned and driven a data security program and ISO 27001 accreditation, then this could be right up your street.

About the company

Stelfox is partnering with a growing/scaling web/eCommerce platform provider to find a hands-on Head of IT who can own their corporate IT and Information Security environments. The company already has a presence in Ireland/Dublin (non-tech) as its EMEA headquarters and has doubled in size to 20+ staff, with the focus on hiring its Head of IT and other tech hires in Ireland moving forward as the company extends its North American customer presence into EMEA & APAC.

Stelfox is fully compliant with GDPR regulations and you can read more in our privacy policy here: https://www.stelfox.com/privacy-policy-gdpr/ Your shared data will not be disclosed or transferred to a third-party data controller or data processor located outside the EEA unless we have obtained your express consent. We look forward to working with you.
