Corporate Tools
Overview
We’re on the hunt for a hands-on, sharp-thinking Security & Compliance Lead to level up the physical and operational security of our data center. If you thrive in fast-moving environments, love solving complex problems, and know how to turn policy into action you’ll fit right in. In this role, you’ll be the go-to expert on everything from physical access controls and compliance standards to threat detection and incident response. You’ll work closely with IT, facilities, and leadership teams to build smart strategies, lead investigations, and keep our data center rock-solid. Think of yourself as part detective, part strategist, part guard dog; helping us stay ahead of threats with layered defenses, real-time monitoring, and a strong culture of security awareness. Whether you’re jumping into a live incident or preparing for the next big audit, you’ll have the autonomy to make smart calls and the trust to follow through.
Wage $110k-$120k DOE
Benefits
100% employer-paid medical, dental and vision for employees
Annual review with raise option
22 days Paid Time Off accrued annually, and 4 holidays
Paid Parental Leave
Up to 6% company matching 401(k) with no vesting period
Quarterly allowance to support remote work setup, continuing education, or personal amenities
Open concept office with friendly coworkers
Creative environment where you can make a difference
Responsibilities
Develop and maintain security policies, standards, and baseline configurations for the data center.
Enhance layered physical security systems, including CCTV, badge readers, biometrics, and intrusion alarms.
Manage 24/7 access controls, including visitor management, staff clearances, badge systems, and vendor accreditation.
Lead risk assessments (e.g., FMEA, threat modeling), identify vulnerabilities, and recommend remediation.
Ensure compliance with standards like SOC 2, ISO 27001, and PCI DSS; coordinate audits and maintain audit-ready documentation.
Serve as Incident Commander or key responder for physical breaches, alarms, or policy violations; lead investigations and reporting.
Maintain and improve incident response playbooks; train staff on protocols and best practices.
Deploy and manage security monitoring tools (e.g., SIEM, physical access logs) and define KPIs for access attempts and compliance health.
Deliver regular security reports to leadership and key stakeholders.
Run training and awareness programs for staff and contractors on physical security and compliance.
Oversee vendor and third-party compliance through assessments, audits, and contractual reviews.
Continuously improve security posture by applying industry best practices and staying current on emerging threats and technologies.
Requirements
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience in security and compliance.
5+ years in security, compliance, or audit roles within IT infrastructure or data centers.
Demonstrable experience managing SOC2, ISO27001, PCI DSS, HIPAA, or GDPR compliance.
Hands-on familiarity with physical security systems like CCTV, badge control, biometric access, and alarms.
Deep knowledge of SIEM systems, incident response frameworks, and risk assessment methodologies.
Comfortable with networking/physical infrastructure concepts: VLANs, firewalls, environmental sensors, racks.
Strong leadership and interpersonal skills; a proactive, self-driven contributor who can work with or without a team.
Additional Details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Other, Information Technology, and Management
Industries: Software Development
#J-18808-Ljbffr
Wage $110k-$120k DOE
Benefits
100% employer-paid medical, dental and vision for employees
Annual review with raise option
22 days Paid Time Off accrued annually, and 4 holidays
Paid Parental Leave
Up to 6% company matching 401(k) with no vesting period
Quarterly allowance to support remote work setup, continuing education, or personal amenities
Open concept office with friendly coworkers
Creative environment where you can make a difference
Responsibilities
Develop and maintain security policies, standards, and baseline configurations for the data center.
Enhance layered physical security systems, including CCTV, badge readers, biometrics, and intrusion alarms.
Manage 24/7 access controls, including visitor management, staff clearances, badge systems, and vendor accreditation.
Lead risk assessments (e.g., FMEA, threat modeling), identify vulnerabilities, and recommend remediation.
Ensure compliance with standards like SOC 2, ISO 27001, and PCI DSS; coordinate audits and maintain audit-ready documentation.
Serve as Incident Commander or key responder for physical breaches, alarms, or policy violations; lead investigations and reporting.
Maintain and improve incident response playbooks; train staff on protocols and best practices.
Deploy and manage security monitoring tools (e.g., SIEM, physical access logs) and define KPIs for access attempts and compliance health.
Deliver regular security reports to leadership and key stakeholders.
Run training and awareness programs for staff and contractors on physical security and compliance.
Oversee vendor and third-party compliance through assessments, audits, and contractual reviews.
Continuously improve security posture by applying industry best practices and staying current on emerging threats and technologies.
Requirements
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience in security and compliance.
5+ years in security, compliance, or audit roles within IT infrastructure or data centers.
Demonstrable experience managing SOC2, ISO27001, PCI DSS, HIPAA, or GDPR compliance.
Hands-on familiarity with physical security systems like CCTV, badge control, biometric access, and alarms.
Deep knowledge of SIEM systems, incident response frameworks, and risk assessment methodologies.
Comfortable with networking/physical infrastructure concepts: VLANs, firewalls, environmental sensors, racks.
Strong leadership and interpersonal skills; a proactive, self-driven contributor who can work with or without a team.
Additional Details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Other, Information Technology, and Management
Industries: Software Development
#J-18808-Ljbffr