mpathic

IT Security & Compliance Lead

mpathic

full-time

Posted on:

Location Type: Remote

Location: Remote • Colorado • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $120,000 - $160,000 per year

Job Level

Senior

Tech Stack

AWSAzureCloudGoogle Cloud Platform

About the role

  • Own internal IT systems including identity management, device management, endpoint security, and SaaS tooling.
  • Lead SOC 2 and other compliance programs, including audit readiness, evidence collection, auditor coordination, and remediation.
  • Design, implement, and maintain security controls such as access controls, encryption, logging, and vulnerability management.
  • Develop and maintain security policies, procedures, and documentation aligned with frameworks such as SOC 2, NIST, and ISO 27001.
  • Manage identity lifecycle processes, including onboarding, offboarding, and access reviews using least-privilege principles.
  • Evaluate, select, and implement IT and security tools (MDM, EDR, SSO/IdP, DLP, logging).
  • Oversee vendor security reviews and third-party risk management.
  • Partner with engineering and operations to ensure secure configurations across cloud infrastructure and SaaS applications.
  • Participate in incident response activities and drive continuous improvement from security events.
  • Automate IT and security workflows where possible to improve efficiency and reliability.

Requirements

  • 5+ years of experience across IT, security engineering, or compliance-focused roles
  • Hands-on experience leading SOC 2 audits (Type I or II) or comparable compliance efforts
  • Strong understanding of identity and access management, endpoint security, and SaaS security configuration
  • Experience working in cloud-first environments (AWS, GCP, or Azure)
  • Comfortable owning ambiguous, cross-functional problems and prioritizing pragmatically
  • Strong communication skills and the ability to work effectively with both technical and non-technical stakeholders
  • Experience with scripting or automation for IT/security workflows is a plus.
Benefits
  • 100% employer-funded healthcare
  • Flexible managed PTO
  • Training and education funding
  • Regular in-person retreats

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
identity managementdevice managementendpoint securitySaaS toolingsecurity controlsaccess controlsencryptionvulnerability managementsecurity policiesautomation
Soft skills
leadershipcommunicationproblem-solvingcross-functional collaborationprioritization
Certifications
SOC 2NISTISO 27001