Own and maintain the IT and Security roadmap aligned to business needs, SOC 2 expectations, and customer requirements
Prioritize and sequence investments across identity, devices, endpoint protection, SOC 2 controls, and collaboration tooling
Define and communicate IT and Security standards, policies, and architectural decisions
Partner with leadership to develop budget forecasts and resourcing plans for IT and cybersecurity
Identify operational and compliance risks and propose mitigation strategies and tradeoffs
Administer collaboration and identity platforms (Google Workspace, Microsoft 365, Slack, IAM, MDM, endpoint protection, etc.)
Configure and manage onboarding/offboarding workflows and IT provisioning
Implement and maintain IT helpdesk processes (low-volume)
Support vendor evaluations, integrations, and continuous improvements across the IT stack
Maintain secure device and access management across remote environments
Execute SOC 2 readiness and evidence collection in partnership with external consultants
Maintain IT and security policies, documentation, and control evidence
Coordinate responses to client security questionnaires and due diligence requests
Support vendor risk management and access control processes
Monitor and support incident response workflows in collaboration with leadership and vendors
Implement incremental improvements to device management, identity tooling, and endpoint management
Support responsible adoption of AI tooling and assess operational risks on a practical basis
Document workflows and train internal users on IT processes and tools

Requirements

6–10+ years of experience in IT, security, or technology operations roles
Builder mentality: enjoys improving imperfect systems
Hands-on administration of collaboration platforms, identity tooling, and endpoint management
Experience supporting SOC 2 or similar security frameworks (ISO 27001, NIST, etc.)
Demonstrated ability to improve systems through iterative execution
Comfort operating as a senior IC who both defines strategy and executes tactically
Practical knowledge of security frameworks, risk management, and control implementation

Benefits

Employer subsidized medical, vision, and dental as well as disability and life insurance.
Employer sponsored 401(k) plan with 2% match.
Flexible vacation policy encouraging strong work life balance and paid time away.
We observe all federal holidays.
Alternating 4-day work weeks, with every other Friday off.
12 weeks of gender-neutral paid leave for caregivers when they have a new addition to their families and an additional 4 weeks of paid leave for birthing parents.
A one-time, work-from-home stipend to help cover any equipment, hardware, etc. you need to set up your remote office.
A monthly allowance of $100 to help cover phone and Wi-Fi expenses.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT operationscybersecuritySOC 2identity managementendpoint protectionrisk managementcontrol implementationIT provisioningincident responsedocumentation

Soft Skills

builder mentalityiterative executionstrategic thinkingtactical executioncommunicationcollaborationproblem-solvingleadershiporganizational skillstraining

Certifications

SOC 2ISO 27001NIST