IT Security & Compliance Lead
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Lead IT, security, and compliance initiatives for empathetic AI company mpathic. Oversee SOC 2 compliance, security controls, and partner with teams on enhancing productivity.
Responsibilities:
- Own internal IT systems including identity management, device management, endpoint security, and SaaS tooling.
- Lead SOC 2 and other compliance programs, including audit readiness, evidence collection, auditor coordination, and remediation.
- Design, implement, and maintain security controls such as access controls, encryption, logging, and vulnerability management.
- Develop and maintain security policies, procedures, and documentation aligned with frameworks such as SOC 2, NIST, and ISO 27001.
- Manage identity lifecycle processes, including onboarding, offboarding, and access reviews using least-privilege principles.
- Evaluate, select, and implement IT and security tools (MDM, EDR, SSO/IdP, DLP, logging).
- Oversee vendor security reviews and third-party risk management.
- Partner with engineering and operations to ensure secure configurations across cloud infrastructure and SaaS applications.
- Participate in incident response activities and drive continuous improvement from security events.
- Automate IT and security workflows where possible to improve efficiency and reliability.
Requirements:
- 5+ years of experience across IT, security engineering, or compliance-focused roles
- Hands-on experience leading SOC 2 audits (Type I or II) or comparable compliance efforts
- Strong understanding of identity and access management, endpoint security, and SaaS security configuration
- Experience working in cloud-first environments (AWS, GCP, or Azure)
- Comfortable owning ambiguous, cross-functional problems and prioritizing pragmatically
- Strong communication skills and the ability to work effectively with both technical and non-technical stakeholders
- Experience with scripting or automation for IT/security workflows is a plus.
Benefits:
- 100% employer-funded healthcare
- Flexible managed PTO
- Training and education funding
- Regular in-person retreats
Similar Jobs
Security Engineer
Security Engineer responsible for deploying secure infrastructure and SIEM solutions. Collaborating with MSSP clients and teams to enhance security practices.
Chief Information Security Officer
Chief Information Security Officer focusing on governance and risk management in fintech company. Responsible for implementing information security management systems under ISO 27001 standards.
Cybersecurity Governance Analyst
Governance Analyst contributing to Cybersecurity governance at SailPoint. Involve in policy documentation and compliance activities aligned with industry best practices.
Senior Cloud Cyber Security Engineer
Senior Cloud Cyber Security Engineer designing secure cloud architectures and ensuring compliance for Sentara Health. Conducting security assessments and collaborating with cross-functional teams to enhance cloud security.
Senior Manager, Product Security
Senior Manager of Product Security at Amgen developing strategies to counter threats to the global supply chain. Responsible for overseeing security initiatives and collaborating across diverse teams.
Account Executive – Cybersecurity, Risk Assurance
Account Executive managing complex B2B sales for Sensiba’s cybersecurity and risk assurance services. Focusing on ISO/IEC 27001, SOC 1, and SOC 2 engagements with C-suite executives.
Social Security Claims Specialist
Social Security Specialist at Lincoln Financial handling Social Security Disability Insurance claims. Acts as liaison between internal teams, claimants, and legal representation.
Senior Manager, Cloud Security Consultant
Senior Manager in cloud security at PwC focusing on cybersecurity threats. Leading development and implementation of cloud security strategies with advanced technologies.
Adjunct Faculty, Fundamentals of Networking – Cybersecurity
Adjunct Faculty teaching online course Fundamentals of Networking at UMGC. Engaging adult learners and fostering collaboration in a remote setting.
IT Sales Manager – Modern Infrastructure, Cyber Security, Managed Services
IT Sales Manager responsible for driving B2B sales in Modern Infrastructure, Cyber Security, and Managed Services. Collaborating with consulting teams and establishing new markets in Germany.
Head of Compliance – HIPAA and Security
Head of Compliance (HIPAA) leading strategic legal support and data governance for Bask Health. Overseeing compliance frameworks, training, and regulatory adherence in a remote setup.
Security Engineer
Security Engineer protecting Serve’s delivery platform and infrastructure while collaborating with IT and engineering teams. Ensuring security best practices across cloud infrastructure and applications.
Member of Technical Staff – Security
First dedicated security hire responsible for building security practices at AI infrastructure company. Defining company-wide security strategy and collaborating with engineering and research teams.
Cybersecurity Engineer
Cybersecurity Engineer responsible for maintaining security in compliance-driven environments for Teal. Protecting clients through security monitoring, vulnerability management, and incident response.
Cybersecurity Lead
Lead Cybersecurity Strategy at Intersect, safeguarding critical systems in a cloud-first environment. Collaborate cross-functionally to integrate security practices for innovative energy solutions.
Principal, Multicloud Data Center Solutions – AI, Data Security & Resilience
Lead development of solutions for enterprise Multicloud/Data Center, AI & Data and Security & Resilience at Dell Technologies. Engage with customers and drive transformative technology solutions.
Lead Security Officer – Rotational
Lead Security Officer ensuring health, safety and security for clients in remote settings. Providing oversight, training, and recommendations based on security operations.
Security Officer, Seasonal
Remote Security Officer monitoring and patrolling assigned areas for safety and security. Working in remote settings where health, safety, and security is a priority.
Platform Engineer, Security
Platform & Security Engineer responsible for IT infrastructure and security at Cosuno. Leading compliance and operational excellence in a remote role.
Security and Threat Operations Engineer
Security and Threat Operations Engineer protecting the fintech environment at OnePay. Collaborating with teams to proactively identify and respond to security threats.