Corporate IT Engineer

About The Position

Requirements

• 6+ years of IT and/or security operations experience, ideally at a scaling SaaS or fintech products: you have a reputation as the person keeping things running while headcount doubles.
• Hands-on experience with SOC 2 Type II: you have collected evidence, managed a control framework, and coordinated with auditors before (or can demonstrate equivalent compliance program ownership).
• Working knowledge of MDM tools (Kandji or equivalent), identity providers (Okta or equivalent), and continuous compliance platforms (Secureframe or equivalent).
• Extensive experience in a primarily Mac environment (although we have a few PC users too).
• Comfortable with coordinating compliance requirements and your engineering team: you don't need to be a security engineer, but you need to speak the language.
• Self-directed, organized, and calm under pressure: whether you're debugging a Zoom Room 10 minutes before an all-hands or coordinating a SOC 2 audit, you don't need someone to manage priorities for you.

Nice To Haves

• Been the first or one of the first internal IT hires at an earlier stage or smaller company.
• Experience responding to vendor security questionnaires and customer trust reviews independently.
• Direct experience with Crowdstrike, Cloudflare, or DLP tooling.

Responsibilities

• Be the reliable face of IT for every Maybern employee. When something isn't working, you are the first call and will follow through to resolution.
• Own endpoint management end-to-end: MDM administration (Kandji or equivalent), device provisioning, inventory, and the complete asset inventory lifecycle.
• Own and maintain our conference room and setup: Google Meet/Zoom Rooms should just work, and when they don't, you fix it fast.
• Administer identity providers (Okta or equivalent) and enforce access policies across our fleet.
• Ensure every new hire is set up correctly from their first day across devices, access entitlements, and tools. You will also ensure every departure is accurately offboarded in partnership with People Ops.
• Set our IT foundations up for success as we scale the business.
• Own continuous SOC 2 evidence collection and control respective monitoring.
• Conduct and document quarterly access reviews; coordinate audit prep and serve as the primary liaison with external auditors.
• Administer endpoint security tooling (CrowdStrike or equivalent); monitor for anomalies, escalate and triage incidents with engineering when warranted.
• Coordinate annual security training completion, track attestations, and flag gaps.
• Maintain and continuously improve a security response library to reduce cycle time on questionnaires.
• Independently respond to vendor security questionnaires (VSQs) and own the security sections of due diligence questionnaires (DDQs).
• Conduct quarterly access audits across our SaaS stack; manage license governance and monitor for "shadow IT".
• Own the vendor security review process for software and hardware procurement.
• Identify opportunities to rationalize the stack and reduce tooling sprawl.

Benefits

• Competitive salary + equity package
• Comprehensive benefits
• Flexible family-friendly work environment
• Comprehensive healthcare benefits
• Maybern covers 100% of medical, dental, and vision premiums
• HSA & FSA plans
• Paid parental leave
• Flexible schedule
• Flexible PTO / sick leave
• WFH as needed to fit your needs
• 401k