Fonoa
Engineering
IT & Security Program Manager
“IT & Security Program Manager at Fonoa. Skills: program management, IT operations, cybersecurity/GRC coordination. Own the IT & Security program: keep the calendar, track initiatives, and make sure nothing falls through the cracks. Coordinate IT initiatives such as tooling rollouts, IdP migrations, and access management projects, working with Infrastructure and IT to keep them scoped and on track.”
What You'll Achieve.
IT projects land on schedule; security audits and certifications are planned well in advance; penetration tests are tracked to closure; tooling rollouts are coordinated properly; nothing slips through the cracks; reduce manual processes; increase compliance; lower operational costs; make sure the right things happen at the right time across both IT and security; make the team more effective
Industry & Context.
build structure from ambiguity
What They're Looking For.
Must Have
- 4+ years of experience in program management, IT operations, or a cybersecurity/GRC coordination role
- End-to-end ownership of at least one full SOC 2 or ISO 27001 cycle, understanding of multiple frameworks and how to map controls across them
- Working knowledge of GDPR, enterprise risk, and third-party risk
- Ability to operate independently and build structure from ambiguity
- Good enough understanding of IT and security to have credible conversations with engineers and auditors, without needing to be a hands-on technical practitioner
What You'll Do.
- Own the IT & Security program: keep the calendar, track initiatives, and make sure nothing falls through the cracks.
- Coordinate IT initiatives such as tooling rollouts, IdP migrations, and access management projects, working with Infrastructure and IT to keep them scoped and on track.
- Run the compliance and certification cycles (SOC 2, ISO 27001, ISO 9001): coordinate with auditors, …, and Legal to keep evidence collection and deadlines under control.
- Manage the pentest program end to end: scope, …, and remediation follow-up in collaboration with Security Engineers and Engineering.
- Drive the security awareness program together with People Ops: training campaigns, …, and completion tracking.
- Coordinate risk and vendor reviews, keeping the risk register up to date and supporting enterprise sales with security questionnaires and due diligence requests.
- Report on program health to leadership with clear, consistent visibility into what is on track, …, and what needs decisions.
How You'll Work.
Team & Collaboration
pull in Security Engineers, Infrastructure, IT, Legal, and external vendors as each initiative requires, keeping everyone aligned and moving; work alongside Security Engineers, IT, Infrastructure, Legal, and external vendors; owning the coordination layer
Communication Scope
written and verbal communication: able to translate technical work into clear updates for non-technical audiences
Process & Methodology
planning, coordination, delivery, tracking initiatives, keeping them scoped and on track, keeping evidence collection and deadlines under control, finding tracking, remediation follow-up, completion tracking, keeping the risk register up to date, reporting on program health
Full Job Description
COMPANY DESCRIPTION
At Fonoa, we are transforming how digital-first companies stay tax compliant. We provide simple and modular API solutions that easily integrate into any existing workflow. Through our technology-first approach, we reduce manual processes, increase compliance, and lower operational costs when transacting and scaling internationally. We are solving one of the largest yet unsolved problems in global e-commerce. Our tax automation software enables companies such as Uber, Zoom, Booking.com, Squarespace, and Rappi to expand their international offerings more quickly and remain tax-compliant.
POSITION OVERVIEW
As Fonoa continues to scale globally, we are looking for an IT & Security Program Manager to take ownership of how our IT and security initiatives are planned, coordinated, and delivered across the company.
This is not a purely technical role. You will be the person who makes sure the right things happen at the right time across both IT and security: IT projects land on schedule, security audits and certifications are planned well in advance, penetration tests are tracked to closure, tooling rollouts are coordinated properly, and nothing slips through the cracks. You will pull in Security Engineers, Infrastructure, IT, Legal, and external vendors as each initiative requires, keeping everyone aligned and moving.
Fonoa's IT and security function covers a lot of ground. You will be the connective tissue that holds all the different pieces together and turns a busy team into a well-run program.
KEY RESPONSIBILITIES
- Own the IT & Security program: keep the calendar, track initiatives, and make sure nothing falls through the cracks. You are responsible for delivery, not for doing everything yourself.
- Coordinate IT initiatives such as tooling rollouts, IdP migrations, and access management projects, working with Infrastructure and IT to keep them scoped and on track.
- Run the compliance and certification cycles (SOC 2, ISO 27001, I
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.