Posted Apr 14, 2026

VP of IT & InfoSec

Improvado is an AI-powered marketing data platform built for mid-market and enterprise teams. We help companies automate complex marketing data workflows, unify data at scale, and surface insights through BI and AI. Brands like ASUS, Docker, Activision, and H&R Block rely on us to simplify analytics and improve marketing performance. We’re a fast-growing Series A startup backed by $34M in funding and driven by a team that moves fast, stays curious, and cares about high-quality execution.

About the Role

Improvado is looking for a VP of IT & InfoSec to lead and scale our information security, data privacy, IT operations, and internal technology function. This is a leadership role responsible for protecting Improvado's infrastructure, client data, and business reputation — while enabling the company to close enterprise deals faster by being a trusted security partner.

You will be the single point of accountability for all things security and IT: enterprise client security engagements, compliance frameworks, vendor and SaaS stack governance, IT automation and infrastructure, privacy regulations, and internal technology operations.

What You'll Own

1. Client & Enterprise Security
- Serve as the primary Improvado representative in client-facing security reviews, audits, and questionnaires (SOC 2 Type II, ISO 27001, TPRM, vendor risk assessments)
- Respond to enterprise client security findings — triaging severity, committing to remediation timelines, and following through to resolution
- Join customer calls (Gong, Zoom) for security deep-dives, answering technical questions from client InfoSec, Legal, and Procurement teams
- Build trust with enterprise clients' security teams to unblock or accelerate deals (e.g., Credit Karma, FordDirect, GSK)
- Own and maintain security documentation packages: SOC 2 reports, DPAs, penetration test results, security questionnaires, and compliance attestations

2. Information Security Program
- Define and maintain Improvado's security posture across cloud infrastructure (AWS, GCP), SaaS stack, and data pipelines
- Own vulnerability management, penetration testing cycles, and remediation tracking
- Develop and enforce security policies, access control standards, and incident response playbooks
- Lead internal security audits and manage external audit relationships
- Drive security awareness training and phishing simulation programs across the organization

3. AI & Product Security
- Own the security posture for Improvado's AI products — AI Agent (MCP), Chrome Extension, and internal AI tooling
- Lead security reviews for new AI product features, ensuring privacy-by-design and secure data handling
- Manage the security aspects of AI product rollout to customers (MCP deployment, access control, data isolation)
- Advise engineering teams on secure architecture for AI/ML pipelines, LLM integrations, and agent frameworks
- Respond to enterprise security questionnaires specific to AI capabilities and data processing

4. Data Privacy & Compliance
- Ensure compliance with GDPR, CCPA, and other applicable privacy regulations
- Maintain and update privacy policies, data processing agreements (DPAs), and records of processing activities (ROPAs)
- Partner with Legal and Customer Success on DPA negotiations with enterprise clients
- Advise product and engineering teams on privacy-by-design principles for new features and data flows
- Own the external-facing compliance posture — ensuring all customer-facing documentation is current and accurate

5. Vendor & SaaS Stack Management
- Own the company-wide SaaS vendor portfolio — procurement, renewals, license optimization, and cost governance
- Conduct vendor security assessments for new and existing tools before onboarding
- Manage vendor relationships and contract negotiations for IT and security tooling
- Maintain a vendor registry with risk ratings, contract terms, and renewal schedules
- Evaluate and recommend new tools that improve security posture or operational efficiency

6. IT Operations & Infrastructure
- Oversee IT infrastructure, endpoint management, and employee access lifecycle (onboarding → offboarding)
- Manage MDM, SSO, zero-trust tooling, and Google Workspace administration across the organization
- Own hardware procurement, device provisioning, and asset management
- Drive employee onboarding IT setup: account creation, security credentials, access provisioning, tool setup
- Manage IT helpdesk operations — ensuring timely resolution of employee technical issues

7. IT Automation & Internal Tooling
- Lead the IT automation function — building and maintaining automations that reduce manual IT work
- Drive automation of employee onboarding/offboarding workflows, access provisioning, and recurring IT tasks
- Oversee development of internal tools and scripts that improve IT operations efficiency
- Identify opportunities to automate security and compliance processes (monitoring, alerting, reporting)

8. Budget & Cost Management
- Own the IT and InfoSec budget — planning, tracking, and optimizing spend on tools, infrastructure, and services
- Report on IT/security spend to executive team with clear ROI justification
- Identify cost-saving opportunities through vendor consolidation, license optimization, and automation

What You Bring
- 8+ years in information security, with at least 3 years in a senior leadership role
- Hands-on experience managing enterprise security audits and client-facing security engagements at scale
- Deep familiarity with SOC 2 Type II, ISO 27001, and privacy regulations (GDPR, CCPA)
- Experience with AI/ML product security — understanding of LLM risks, data isolation, and secure agent architectures
- Strong background in SaaS vendor management, procurement, and license governance
- Experience managing cloud infrastructure security (AWS, GCP) and identity/access management (IAM)
- Proven ability to build and manage IT operations teams (helpdesk, automation, infrastructure)
- Ability to translate complex security findings into clear, business-friendly communication for executives and clients
- Excellent written and verbal communication — you can present to a CISO at a Fortune 500 client with confidence
- CISSP, CISM, or equivalent certification is a plus

Key Metrics
- Time to complete enterprise security reviews and questionnaires
- Number of security findings in customer audits (target: zero critical)
- SaaS vendor compliance coverage and cost optimization
- IT automation coverage — % of manual IT processes automated
- Mean time to resolve IT support tickets
- Security incident response time and remediation SLA adherence

What We Offer
- Remote-first environment
- Strong product/market fit: marketing data product for US-based enterprises
- 20 working days of PTO per year
- US holidays and additional days off
- Extremely fun & open startup environment
- Professional development reimbursement