Information Security Specialist

Customer.io is looking for their first dedicated InfoSec hire — an Information Security Specialist to secure organizational systems, data, and operations across a globally distributed remote-first company. Over 8,000 companies use Customer.io to send billions of emails, push notifications, in-app messages, and SMS every day. Reporting to the VP of Operations, you will work closely with IT, Compliance, and Platform Security. Responsibilities include AI governance and enablement developing a practical framework for evaluating and securely deploying AI tools; vulnerability management owning scanning, triaging, and coordinating remediation; compliance support for SOC 2 and ISO 27001; incident response leading security incident investigations and containment; managing security tooling including EDR, SIEM, DLP, and identity and access management controls; conducting vendor and third-party security reviews; developing security policies and standards; partnering with Platform Security on application security topics; and driving security awareness initiatives. The role requires 4 or more years of information security experience, hands-on experience with compliance frameworks, strong knowledge of cloud security fundamentals on AWS or GCP, and a pragmatic and enabling mindset toward AI adoption.