Own Profluent’s overall security and compliance posture across company systems, scientific computing, lab automation, endpoints, identity, SaaS, cloud infrastructure, networking, and data-handling workflows, and be accountable for the ongoing maturity of security controls and practices across those environments
Lead the implementation and operational maturity work required for Profluent to achieve and maintain SOC 2 and related compliance certification requirements, including control operation, evidence collection, monitoring, and repeatable processes
Serve as the primary owner for security and compliance readiness across company systems, ensuring that Profluent can meet ongoing audit, certification, and customer assurance requirements over time
Own the translation of customer agreements, internal policies, and compliance requirements into concrete technical and operational controls
Standardize and harden bioinformatics, lab informatics, and machine learning environments to align with security, reliability, and compliance requirements
Define and drive adoption of secure baseline configurations, access controls, logging, backup practices, patching standards, and change management processes
Own and evolve how Profluent approaches security more broadly, identifying gaps, prioritizing risks, and driving improvements beyond minimum compliance scope
Drive standardization of Windows-based lab automation environments, balancing security, uptime, vendor constraints, and usability in laboratory settings
Collaborate with stakeholders to document controls, system boundaries, standard operating procedures, and technical evidence needed for audits, certification efforts, and customer reviews
Support vendor and platform evaluations related to security, observability, endpoint management, and infrastructure operations
Improve identity, access, and account lifecycle management across company systems, including onboarding, offboarding, least-privilege access, and periodic access review support
Monitor key systems and respond to operational issues with an emphasis on root-cause analysis and durable remediation
Maintain asset, system, and environment documentation so that critical processes are auditable, supportable, and repeatable

Requirements

Experience operating with broad ownership across infrastructure, security, and compliance in regulated, audit-conscious, or security-sensitive environments
Experience serving as the most senior or primary security owner in a startup or scaling environment, even without a large dedicated security team
Breadth across infrastructure security, corporate security, IAM, endpoint management, logging and monitoring, vulnerability reduction, incident response, vendor risk, and compliance
Demonstrated ability to take ownership in ambiguous environments and set direction, not just execute within a narrowly defined specialty
Familiarity with Windows-based lab automation systems and the realities of instrument-connected or vendor-managed environments
Experience implementing or operating against security and compliance frameworks such as SOC 2, ISO 27001, NIST CSF, or similar
Strong understanding of identity and access management, SSO, MFA, endpoint management, logging, patching, vulnerability reduction, and system hardening
Ability to translate compliance and contractual data-handling requirements into concrete technical and operational controls
Strong documentation skills, with the ability to create policies, procedures, standards, and technical runbooks that others can follow
Experience preparing organizations for, achieving, or maintaining external compliance certifications or audit readiness
Experience with infrastructure as code and/or configuration management tools such as Terraform, Ansible, or equivalent
Experience administering Windows environments, preferably including systems used in laboratory, automation, manufacturing, or instrument-connected settings

Benefits

Competitive compensation package with equity participation
Comprehensive benefits including health/dental/vision insurance
Generous PTO policy and commitment to work-life balance
Professional development opportunities in a cutting-edge field at the intersection of AI and biology

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security controlscompliance frameworksSOC 2ISO 27001NIST CSFidentity and access managementendpoint managementvulnerability reductionincident responseinfrastructure as code

Soft Skills

ownershipdirection settingdocumentation skillscollaborationroot-cause analysisrisk prioritizationambiguous environment navigationprocess standardizationcommunicationtechnical translation