Security & IT Administrator

Culture On Camera's client is a dynamic software startup revolutionizing the world of observability with cutting-edge, open-source solutions. Our technology is trusted by both Fortune 500 giants and fast-growing startups, empowering them to collect, process, and route telemetry data seamlessly. By integrating with industry leaders like Google Cloud Operations Suite, Datadog, and New Relic, we help businesses optimize their operations and gain critical insights with ease. As we scale, we're on the lookout for a skilled Security & IT Administrator to safeguard our technology ecosystem and keep our operations running smoothly.

Role Overview

In this role, you'll wear two essential hats—IT operations and security leadership. You'll manage internal IT infrastructure, ensuring seamless day-to-day operations for our team. More importantly, you'll spearhead security initiatives across our organization, from product development and cloud hosting to customer-facing SaaS offerings. Your mission? To uphold compliance with industry standards, protect our data and infrastructure, and implement risk management strategies that fortify our technology. If you're someone who thrives at the intersection of IT and cybersecurity, this is your chance to make a real impact.

Responsibilities
Security Management

• Maintain and update security policies including Information Security Policy, Data Retention, and Risk Management
• Lead the Security Advisory Board meetings and coordinate security initiatives
• Conduct annual risk assessments and maintain a risk register
• Manage the vendor assessment program, including reviewing security documentation from vendors
• Oversee SOC 2 compliance, ISO 27001 compliance, and other certification processes to ensure our SaaS product meets industry standards
• Respond to customer security questionnaires and RFPs regarding our product security practices
• Collaborate with development teams to implement secure coding practices and security testing
• Ensure data security through proper access controls, encryption, and audit procedures
• Guide implementation of security controls for cloud systems (primarily Google Cloud) hosting our SaaS applications
• Develop and enforce security standards for our software development lifecycle
• Verify that our product meets security requirements specified in customer and partner agreements
• Support incident response planning and exercises for both infrastructure and product-related security events
• Develop and deliver security awareness training for employees

IT Administration

• Manage employee accounts and services across Google Workspace, SaaS applications, and development platforms
• Lead employee onboarding and offboarding processes, ensuring timely account provisioning and de-provisioning
• Administer and support mobile devices, laptops, and other hardware throughout their lifecycle
• Maintain documentation for IT systems and processes
• Manage relationships with IT vendors and service providers

Key Functions

• Maintain and improve security policies, processes, and controls
• Ensure compliance with relevant standards and frameworks
• Lead security and IT initiatives to support company growth
• Balance operational IT tasks with strategic security planning
• Serve as the primary point of contact for employee IT needs and security concerns

Qualifications

• 5+ years of experience in IT administration and information security, particularly in SaaS environments (Required)
• Experience managing Google Workspace and other cloud-based productivity tools (Required)
• Experience with account lifecycle management and identity systems (Required)
• Deep knowledge of security frameworks (SOC 2, NIST, ISO 27001) (Required)
• Experience with cloud security, particularly GCP (Required)
• Experience managing compliance and certification processes (Required)
• Strong documentation and communication skills (Required)
• Understanding of DevOps and software development processes (Required)
• Experience implementing and managing endpoint security solutions (Required)
• Security certifications (CISSP, CISM, or similar) (Preferred)
• Experience with OpenTelemetry or observability platforms (Preferred)
• Background in software development or engineering (Preferred)
• Experience with incident response and security event management (Preferred)
• Familiarity with automated security tooling and controls (Preferred)
• Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent work experience) (Preferred)

Benefits

• 401(k) retirement savings plan with employer matching
• Comprehensive health, dental, and vision insurance
• Life insurance coverage
• Employee assistance program for personal and professional support
• Generous paid time off, including vacation, sick leave, and holidays
• Opportunities for professional development and continuous learning