Job Description:
• Own and maintain the IT and Security roadmap aligned to business needs, SOC 2 expectations, and customer requirements
• Prioritize and sequence investments across identity, devices, endpoint protection, SOC 2 controls, and collaboration tooling
• Define and communicate IT and Security standards, policies, and architectural decisions
• Partner with leadership to develop budget forecasts and resourcing plans for IT and cybersecurity
• Identify operational and compliance risks and propose mitigation strategies and tradeoffs
• Administer collaboration and identity platforms (Google Workspace, Microsoft 365, Slack, IAM, MDM, endpoint protection, etc.)
• Configure and manage onboarding/offboarding workflows and IT provisioning
• Implement and maintain IT helpdesk processes (low-volume)
• Support vendor evaluations, integrations, and continuous improvements across the IT stack
• Maintain secure device and access management across remote environments
• Execute SOC 2 readiness and evidence collection in partnership with external consultants
• Maintain IT and security policies, documentation, and control evidence
• Coordinate responses to client security questionnaires and due diligence requests
• Support vendor risk management and access control processes
• Monitor and support incident response workflows in collaboration with leadership and vendors
• Implement incremental improvements to device management, identity tooling, and endpoint management
• Support responsible adoption of AI tooling and assess operational risks on a practical basis
• Document workflows and train internal users on IT processes and tools
Requirements:
• 6–10+ years of experience in IT, security, or technology operations roles
• Builder mentality: enjoys improving imperfect systems
• Hands-on administration of collaboration platforms, identity tooling, and endpoint management
• Experience supporting SOC 2 or similar security frameworks (ISO 27001, NIST, etc.)
• Demonstrated ability to improve systems through iterative execution
• Comfort operating as a senior IC who both defines strategy and executes tactically
• Practical knowledge of security frameworks, risk management, and control implementation.
Benefits:
• Employer subsidized medical, vision, and dental as well as disability and life insurance.
• Employer sponsored 401(k) plan with 2% match.
• Flexible vacation policy encouraging strong work life balance and paid time away.
• We observe all federal holidays.
• Alternating 4-day work weeks, with every other Friday off.
• 12 weeks of gender-neutral paid leave for caregivers when they have a new addition to their families and an additional 4 weeks of paid leave for birthing parents.
• A one-time, work-from-home stipend to help cover any equipment, hardware, etc. you need to set up your remote office.
• A monthly allowance of $100 to help cover phone and Wi-Fi expenses.