Tillster
Head of Enterprise IT and Cybersecurity Compliance
Tillster, San Diego, California, United States, 92189
Location: Los Angeles or San Diego, CA
Reports to: CTO
About the Role
We are looking for a senior leader to own our global Enterprise IT, Cybersecurity, and Compliance functions as we continue scaling a cloud-native technology platform that operates across multiple continents. This role protects the organization’s systems, data, employees, and customers while ensuring full compliance with global privacy and security standards, including PCI DSS, GDPR, and CCPA, as well as emerging regulations.
As the Head of Enterprise IT & Cybersecurity Compliance, you will guide our cloud‑first transformation, strengthen our security posture, modernize internal IT operations, and ensure the company meets the highest bar for compliance in every market we serve.
What You’ll Lead
Strategic Leadership:
Build and execute a comprehensive security, compliance, and enterprise IT strategy aligned with company objectives; advise executive leadership on risk posture, emerging threats, and regulatory requirements; oversee IT governance, asset management, endpoint strategy, identity management, and security‑by‑design standards.
Enterprise IT Ownership:
Lead corporate IT operations including helpdesk, SaaS management, access controls, device lifecycle, and employee support; modernize the IT environment with automation, standardization, and cloud‑first systems; establish policies for acceptable use, asset management, remote workforce security, incident reporting, onboarding/offboarding, MDM, SSO, and IAM across the organization.
Cybersecurity Leadership:
Own the global cybersecurity program covering cloud security, application security, network security, vulnerability management, and SOC operations; architect and enforce zero‑trust principles across users, services and systems; lead threat detection, incident response, forensics and ongoing readiness exercises; implement and manage security tools (SIEM, EDR, CSPM, WAF, IAM, DLP, etc.).
Compliance, Risk & Audit:
Maintain ongoing compliance with PCI DSS, GDPR, CCPA, SOC 2, ISO 27001 and future regulatory frameworks; serve as primary owner of audits, certifications and external assessments; lead enterprise‑wide risk management, vendor reviews, data protection controls and privacy governance; maintain audit readiness and drive continuous improvement of the ISMS.
Collaboration & Leadership:
Partner with Engineering, DevOps, Product, Legal, and Operations to embed security into architecture, SDLC and infrastructure; lead, mentor and grow a team of IT, security and compliance professionals; build a company‑wide culture of security awareness and accountability.
Required Experience
10+ years of progressive experience in cybersecurity, enterprise IT or information risk roles.
5+ years leading teams in a high‑growth SaaS or global technology environment.
Proven success owning PCI, GDPR and CCPA programs end‑to‑end.
Deep experience with cloud‑native security (AWS preferred).
Demonstrated leadership in incident response, vulnerability management and compliance audits.
Strong understanding of modern IT operations, identity systems and SaaS ecosystems.
Ability to translate complex security topics into clear, actionable guidance for executives and non‑technical teams.
Preferred Certifications
CISSP, CISM, CISA, CCSP, ISO 27001 Lead Implementer, AWS Security Specialty.
Interview Process
Recruiter interview with a Talent Acquisition Specialist.
Interview with CTO.
Technology interview.
Final interview with our Team Leaders.
Making a Difference in the Tillster Way
Our mission is to empower restaurants and consumers globally by supporting the people who are part of the Tillster team. We create an inclusive working environment, embrace diversity in all forms and are proudly an equal‑opportunity employer. We do not discriminate based on race, color, religion, national origin, gender identity, sexual orientation, age, family/parental status, marital status, veteran status, disability or any other protected status.
Compensation & Perks
Base Salary: $220,000–$290,000 DOE.
Benefits: Medical, dental, vision, FSA, EAP and more.
Equity.
Time Off: 15 days PTO in year one, 22+ days thereafter, plus 10 paid holidays.
Retirement: 401(k) eligibility from Day 1.
Learning: Tuition assistance, Udemy Learning access, development opportunities.
The Fine Print
Remote role must be based in the Los Angeles or San Diego, CA region.
Local candidates preferred.
No visa sponsorship available.
Principals only, no agencies or cold calls.