Triage and manage incoming security requests from entire company.
Own and manage the full vendor security assessment lifecycle (new vendors and annual reviews).
Own and build device management and provisioning process.
Troubleshoot and enhance in-office IT, wifi and physical security.
Partner with product/engineering teams to clarify which controls apply to new features, systems, or architectural changes.
Read python code to understand vulnerabilities and help validate fixes and make small bug fixes or configuration updates when appropriate.
Maintain organized, audit-ready repositories of policies, SOC reports, and control documentation.
Assist with security questionnaires from enterprise customers.
Coordinate evidence collection and organize materials for quarterly/annual audits.
Update and refine security policies to reflect current controls and organizational practices.
Track remediation of security findings from vulnerability scans, pentests, and audits.

Requirements

1-4 years of experience in GRC, security compliance, IT audit or security operations.
Familiarity with SOC 2, PCI DSS, ISO 27001, or similar security frameworks.
Ability to read and understand python code to validate security fixes.
Strong organizational and documentation skills.
Ability to own and prioritize multiple tasks open at once.
Experience with vendor assessments, access reviews, evidence collection, or audit support.
Comfort working with technical teams, asking clarifying questions, and escalating when need.
Nice to have: Payments experience.
Nice to have: Knowledge of penetration testing workflows.
Nice to have: ability to read node.

Benefits

100% of Medical, Dental and Vision premium coverage for yourself and dependents.
Enjoy regular team lunches at our San Francisco office, fostering collaboration and connection over great food.
A fun and caring environment that prioritizes transparency, growth, and ownership.
A talented, diverse, high-achieving, and humble team with diverse backgrounds and viewpoints.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

pythonvendor security assessmentdevice managementIT troubleshootingsecurity policy updatesvulnerability scanningpenetration testingaudit supportevidence collectionsecurity compliance

Soft skills

organizational skillsdocumentation skillstask prioritizationcommunication skillscollaborationproblem-solvingattention to detailescalationclarifying questionsmulti-tasking