Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
WeaveGrid

Senior Information Security & IT Manager

WeaveGrid

Information Security & IT Senior Manager tasked with overseeing security and IT functions at WeaveGrid. Leading compliance, security programs, and technology adoption initiatives.

Posted 5/9/2026full-timeSan Francisco • California • 🇺🇸 United StatesSenior💰 $115,000 - $163,000 per yearWebsite

Tech Stack

Tools & technologies
AWSCloud

About the role

Key responsibilities & impact
  • Own and execute WeaveGrid's information security and IT program end-to-end — this is a high-impact, hands-on IC role.
  • Maintain cloud security posture across AWS (IAM governance, configuration review, cloud-native security tooling)
  • Own the corporate security control environment — EDR, email security, identity governance, network monitoring, DLP
  • Oversee strategy and day-to-day management of our IT services contractor(s). Ensure operational excellence and intervene as needed to ensure timely responses to internal stakeholders.
  • Serve as the internal technical owner of the corporate IT environment and escalation point for security-intersecting IT issues
  • Manage SOC 2 Type II compliance across all five Trust Service Criteria, including auditor relationships and evidence collection
  • Support CCPA and privacy compliance by monitoring and managing data subject access requests and the associated overarching process, applicable website technologies, and ad hoc privacy requests, in partnership with the Legal team.
  • Own application security for our web and mobile products, including coordinating annual penetration tests and driving remediation with Engineering.
  • Run the vulnerability management program — prioritization, tracking, and reporting.
  • Manage incident response — maintain the IR plan, run tabletop exercises, and handle real incidents through to post-mortem.
  • Maintain and test BC/DR plans in coordination with Engineering and Operations.
  • Conduct and document quarterly access reviews across critical systems.
  • Review security terms in vendor and customer contracts; complete customer security questionnaires; run vendor risk assessments.
  • Help administer the personnel security program (security awareness training, onboarding/offboarding controls) in partnership with the People team.
  • Lead the company’s Information Security & IT Committee — evaluating tools, defining acceptable use, and managing data exposure risk across sanctioned tools, including AI platforms
  • Drive AI and new technology adoption within WeaveGrid, engaging internal and external stakeholders as applicable

Requirements

What you’ll need
  • 7+ years in information security with meaningful program ownership experience
  • Experience at a growth-stage startup company, ideally as a primary security practitioner
  • Experience providing or overseeing IT services
  • Obsessed with client service and meeting internal SLAs
  • Hands-on SOC 2 Type II experience — you've run an audit, not just supported one.
  • Familiarity with leading security and compliance governance tools (i.e. Vanta, Drata, OneTrust).
  • Working knowledge of CCPA and US data privacy requirements
  • Experience reviewing contractual security requirements.
  • Deep interest in and knowledge of leading AI tooling, as applicable to early-stage startups.
  • Proven track record driving security, compliance, and/or technology change within a fast-paced organization.
  • Familiarity with AI security risks and SaaS AI governance
  • Preferred Experience or familiarity with ISO 27001, NIST 800-53, NERC CIP, OWASP.
  • Comfortable writing Bash scripts for automation and MDM enforcement tasks
  • Strong written communication — you can brief an exec and write audit-ready documentation
  • CISSP, CISM, or equivalent.

Benefits

Comp & perks
  • equity (stock options)

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cloud securityAWSEDRidentity governancenetwork monitoringvulnerability managementincident responseBash scriptingapplication securitydata privacy
Soft Skills
client servicecommunicationprogram ownershipleadershipcollaborationproblem-solvingorganizational skillsstakeholder engagementoperational excellencetraining
Certifications
CISSPCISMISO 27001NIST 800-53NERC CIPOWASP