IT Lead

Couch Heroes

European Economic Area

Description

IT Lead

Location: Remote-first

Type: Full-time

Start: ASAP

Salary: Competitive, based on experience

At Couch Heroes, we’re exploring new ground for the MMO genre. In a world where fantasy and ancient technology intertwine, players explore shattered realms, grapple across verticality, solve puzzles, and push back corruption, with progression driven by player expression and discovery. We envision bridging generations of gamers, creating a space where both coexist and journey together. We’re developing in Unreal Engine, in early production, with a team spanning multiple countries.

We’re remote-first, based in the UK, and scaling to support a multi-year live-service roadmap. We value autonomy, curiosity, and collaborative ownership, and we’re looking for creators who want to help build something from the ground up. Sound like your kind of thing? We should talk.

About the Job:

As Couch Heroes scales from early production toward live service, the systems, tools, and policies that hold the studio together need to be designed deliberately. We need an IT Lead who can build the corporate technology backbone of a remote-first studio: identity, devices, SaaS, networks, security, and the everyday processes that let a distributed team move fast without breaking things.

You will report to the COO and partner closely with Engineering, Finance, People, and Production. You will own internal IT end to end across a multi-country workforce, set the security and compliance posture for the studio, and design the processes that scale us from where we are today to a much larger team. We’re still early. Much of what you will own doesn’t yet exist in finished form. You’ll be defining standards, choosing tools, and writing the playbooks that the studio will rely on for years.

Your Role:

Systems, Identity, and Endpoints

  • Own the studio's identity and access management. Run SSO, MFA, and lifecycle automation across our SaaS estate.
  • Design and run onboarding and offboarding so new starters are productive on day one and departing staff lose access cleanly and immediately.
  • Manage the company's device fleet across macOS, Windows, and mobile. Set up and operate MDM, baseline configurations, patching, encryption, and asset tracking for a remote-first workforce.
  • Administer the studio's SaaS portfolio (productivity, communication, HR, finance, design, and production tooling). Own licence management, account provisioning, integrations, and renewals.
  • Make remote work feel reliable. Set the standards and tooling for collaboration, conferencing, home-office setup, and equipment logistics so the team can do their best work from anywhere.

Security, Compliance, and Risk

  • Define and operate the studio's information security posture across people, devices, data, and vendors. Set policy on access, data classification, acceptable use, password and secrets handling, and remote work.
  • Drive Couch Heroes toward formal security and compliance readiness (for example ISO 27001, SOC 2, and ongoing GDPR obligations). Build the documentation, controls, and evidence base needed to support investor, partner, and platform-holder requirements.
  • Own incident response for IT and security events: detection, containment, communication, and post-incident review. Build the runbooks before we need them.
  • Partner with Engineering on shared security concerns such as access to source code and production systems, secrets management standards, and disaster recovery planning. You set the guardrails; Engineering implements within them.

Processes, Vendors, and Budget

  • Build and document the internal IT and security processes the studio runs on: joiner-mover-leaver, access reviews, procurement, change management, vendor onboarding, and data handling. Where processes exist informally, formalise them. Where they don’t exist, create them.
  • Own vendor and contract management for IT and security suppliers, including evaluation, negotiation, renewals, and performance reviews.
  • Manage the IT and security budget. Forecast spend across tooling, licences, hardware, and external services. Make build-versus-buy and outsource-versus-insource calls and defend them.
  • Act as the internal first point of contact for IT support across the studio. Where volume requires it, design and stand up a tiered support model (internal, outsourced, or hybrid).

Cross-Functional Partnership

  • Partner with Finance on systems, controls, and audit-readiness for financial operations.
  • Partner with People on HRIS, onboarding, offboarding, and workforce data handling.
  • Partner with Engineering on the interface between corporate IT and the game development environment. Align on identity, access, security policy, and shared tooling without owning Engineering's build pipelines or production infrastructure.
  • Represent IT and security in leadership conversations on planning, hiring, and strategy.

Must-Haves

  • 8+ years in IT, with at least 3 years in a lead or head-of role owning corporate IT and information security end to end.
  • Proven experience building IT and security functions from an early stage, including selecting tooling, writing policy, and standing up processes that didn’t previously exist.
  • Strong working knowledge of identity and access management, endpoint management (MDM), SaaS administration, and network fundamentals in a remote-first or distributed environment.
  • Hands-on experience leading a studio or company through formal security and compliance work (for example ISO 27001, SOC 2, Cyber Essentials Plus, or equivalent), and a working command of GDPR in a UK and EU context.
  • Demonstrated ability to own vendor management and budget for an IT and security function.
  • Excellent written communication and documentation skills. You write policies, runbooks, and decision records that people actually use.

Nice-to-Haves

  • Experience in a games studio, creative studio, or other high-growth, tooling-heavy environment.
  • Experience supporting engineering organisations and understanding where corporate IT and DevOps responsibilities meet.
  • Relevant certifications such as CISSP, CISM, ISO 27001 Lead Implementer or Auditor.
  • Experience working with external auditors, investor due-diligence processes, or platform-holder security reviews.
  • Familiarity with finance and people systems (ERP, HRIS, payroll) and the controls expected around them.

About You

  • You think in systems and processes. You see an unowned workflow and your instinct is to scope it, document it, and assign it, not to firefight it forever.
  • You are pragmatic about security. You understand that controls only work if the team can actually live with them, and you design accordingly.
  • You are comfortable with ambiguity. Early-stage means many things are undefined, and you treat that as an opportunity to shape the right answer rather than a blocker.
  • You communicate clearly with technical and non-technical stakeholders. You can explain a risk to a co-founder and a control to an engineer in the same afternoon.
  • You work autonomously in a remote environment, proactively keeping your stakeholders informed and your priorities visible.
  • We are committed to making our hiring process accessible. If you require reasonable adjustments at any stage, please let us know.

Couch Heroes have partnered with Skillsearch on this hire. Ryan is leading the search directly with the studio leadership, so feel free to reach out to him at [email protected]. He will be your point of contact throughout. Looking forward to connecting!

Equal Opportunities

Couch Heroes is an equal opportunities employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We welcome applications from all backgrounds and do not discriminate on the basis of age, disability, gender identity or expression, marriage or civil partnership, pregnancy or maternity, race, religion or belief, sex, sexual orientation, or any other protected characteristic.

Privacy and data

We process your personal data as part of the recruitment process. Couch Heroes and Skillsearch both act as data controllers in relation to your application. For details on how your information is collected, used, stored, and your rights under UK GDPR, please review the relevant Privacy Policies below:

Couch Heroes: https://couch-heroes.com/privacy-policy/

Skillsearch: https://www.skillsearch.com/privacy#policy