IT Governance and Security Specialist

Lavasource are global consultants, system & service partners - helping enterprises to choose, use, and benefit from Workforce, HR, and Payroll technologies. With a distributed team of ~100 employees across the UK, Mauritius, India, and North America, we are a challenger brand known for deep expertise, exceptional partner relationships, and a commitment to customer success.

We are strengthening our internal IT governance, security posture, and compliance operations. This role is central to that mission. You will work directly with the CEO, Product leadership, and our external IT partner to ensure our IT estate is secure, compliant, and aligned with customer and regulatory expectations. This is a hands‑on, delivery‑focused role with significant visibility and responsibility -- which we plan to hire on a contract-to-perm basis.

You’ll Lead

Vendor & Partner Management

• Act as the primary point of contact for our external IT provider.
• Hold partners accountable for delivery, timelines, SLAs, and quality.
• Ensure remediation plans are executed to specification and escalate blockers early.
• Validate that controls, tooling, and configurations are implemented correctly and sustainably.

IT Remediation & Improvement Delivery

• Drive multiple parallel remediation workstreams across tight timelines.
• Maintain and prioritise a live risk register based on customer impact and regulatory exposure.
• Coordinate cross‑functional teams (Product, Engineering, Operations, Security) to ensure aligned execution.
• Ensure all remediation actions are evidence‑based, auditable, and traceable.

Customer‑Facing Security & Compliance Engagement

• Serve as the technical liaison for enterprise customers on data governance and security concerns.

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Translate complex technical progress into clear, credible customer updates.
• Support renewal and pre‑sales conversations where security posture is a deciding factor.
• Protect revenue by managing escalations with urgency, clarity, and authority.

Governance, Controls & Compliance Ownership

• Define, implement, and enforce our IT governance framework.
• Oversee policies for access management, device compliance, data residency, incident response, and audit trails.
• Ensure our IT estate meets required security baselines across endpoints, SaaS platforms, and cloud services.
• Support compliance with GDPR, PIPEDA, SOC‑aligned controls, and customer contractual obligations.
• Ensure future SOWs are met and audits pass without surprises.

Leadership Reporting

• Provide weekly briefings to the CEO and senior leadership.
• Deliver clear updates on progress, risks, customer sentiment, and decisions required.
• Maintain executive‑ready reporting dashboards and documentation.

What You Bring

Essential

• 10+ years managing external IT vendors or delivering critical IT projects in regulated or enterprise environments.
• Strong project management discipline under pressure—tracking deliverables, timelines, risks, and cross‑team coordination.
• Deep familiarity with data governance and privacy regulations (GDPR, PIPEDA, data residency).
• Ability to translate between technical teams and non‑technical stakeholders.
• Confidence to push back on vendors and escalate hard decisions to leadership.
• High comfort with ambiguity and the ability to prioritise ruthlessly.

Beneficial

• Background in IT security, compliance, or audit.
• Experience in SaaS, HR tech, or enterprise B2B environments.
• Familiarity with SOC 2, ISO 27001, NIST and similar frameworks.
• Experience supporting enterprise customer escalations or renewals.

Location & Travel

This role is remote, with an initial preference for South Africa, with some travel to Mauritius, India, and potentially the US may be required for partner engagement and compliance activities.

Why Join Us?

You’ll be stepping into a pivotal role at a critical moment—shaping the governance and security foundations of a fast‑growing global platform. You’ll have the autonomy to make meaningful decisions, the support of senior leadership, and the opportunity to turn an interim role into a long‑term strategic position.

This role could become permanent, but will be hired as an initial 6 month contract.