Information Security Lead
SmartQ
Job Description
The role focuses on safeguarding sensitive data, digital assets, and IT infrastructure while ensuring regulatory and industry compliance. You will define and execute information security and data privacy strategies, including risk management and audits. The position also involves supporting IT security operations and governance.
You will collaborate with cross-functional teams and partners to develop and maintain enterprise-wide programs.
About SmartQ
SmartQ is redefining how the world experiences food. As a next-generation food-tech innovator, we solve real operational challenges through empathy-led insights and powerful technology.
Our mission is clear: to elevate everyday dining into a seamless and meaningful experience. In the last decade, we’ve transformed cafeteria and food operations across industries with scalable, cutting-edge solutions. Operating in 14 countries and backed by Compass Group, a $60B global foodservice leader, SmartQ continues to push the boundaries of what modern food-tech can achieve.
Since our inception in 2015, we’ve become a trusted partner for corporates, hospitals, universities, and food courts worldwide. With a bold vision to become the world’s largest B2B food-tech company, we connect people through exceptional food experiences powered by advanced technology. Today, we proudly serve 400+ global clients, including leaders like Google, HSBC, Amazon, and Wells Fargo.
At the heart of SmartQ is a culture shaped by four core pillars: Great People | Great Food | Great Experience | Greater Good. These values inspire collaboration, innovation, humility, and a relentless pursuit of excellence. To dive deeper into what drives us, explore our cultural pillars on the SmartQ LinkedIn ‘Life’ page. It offers an authentic glimpse into the journey you could be part of: https://www.linkedin.com/company/smartq-bottlelabs/life/cdc290f8-ff81-4e7f-9c96-37d842f936c4/?viewAsMember=true
Roles and Responsibility:
Develop, review, and maintain comprehensive information security and data privacy policies in line with regulatory and industry standards.
Provide hands-on IT administration support, ensuring a secure, reliable, and efficient IT environment.
Plan and execute internal audits across business functions to assess compliance with security policies and controls.
Identify, assess, and mitigate information security risks, recommending and overseeing the implementation of appropriate mitigation measures.
Manage vendor security and risk assessments, ensuring secure and compliant relationships with third-party partners.
Design and deliver organization-wide security awareness and training programs to promote best practices across teams.
Implement and manage the IT Security Risk Management Framework, aligning security initiatives with business objectives and risk appetite.
Coordinate and support external audits, certifications, and client security assessments, ensuring timely compliance and issue resolution.
Define information security objectives and provide regular metrics, reporting, and analysis to leadership to continuously enhance the security posture.
Conduct Business Impact Analysis (BIA) and risk assessments, and develop and maintain Business Continuity and Disaster Recovery (BCP/DR) plans.
Collaborate with crisis management and BCP teams and actively participate in periodic DR drills and testing.
Qualifications:
Bachelor’s degree in Computer Science, Information Technology, or a related field; a Master’s degree is an advantage.
Minimum 8 years of experience in information security or a related role.
Strong understanding of security frameworks, standards, and best practices (ISO 27001, NIST, CIS, etc.).
Experience with audit readiness, compliance, and regulatory requirements.
Hands-on knowledge of cloud security, including cloud infrastructure, serverless architectures, and services.
Experience with security technologies and tools, such as firewalls, IDS/IPS, SIEM, VAPT, encryption, and multi-factor authentication.
Demonstrated ethical hacking and vulnerability assessment skills, with strong documentation practices.
Solid understanding of secure design principles and their application across the development lifecycle.
Proven ability to train, mentor, and guide teams to strengthen security awareness and practices.
Experience in incident response, risk management, and business continuity planning.
Strong analytical, problem-solving, and decision-making skills, with the ability to perform effectively under pressure.
Industry-recognized certifications such as CISSP, CISM, CISA, or equivalent are a plus.
Message from CEO:
We've come to realize that we're not merely in the B2B Food service industry; we're in the business of 'Capturing Hearts.' We find ourselves in a unique position to turn ordinary, mundane corporate cafeterias into places of pure delight, where individuals can freely express themselves, find inspiration, and share happiness. Such a profound transformation opportunity is a rare gift, where the purpose of our enterprise transcends the ordinary.
If this vision resonates with you, we invite you to join us in our mission to spread joy and happiness in a world weighed down by stress and pressure. Together, let's play our part in making this world a more beautiful place.