Director of IT & Security

Paperless PartsBoston, MA
$190,000 - $258,000Hybrid

About The Position

Paperless Parts is a SaaS startup helping manufacturers quote faster and win more work. From rockets to medical devices, we power the parts that move the world forward. This position requires activities that are subject to US Export Control Laws and require US Citizenship or Green Card Holder. As the Director of IT and Security at Paperless Parts you'll own the intersection of corporate IT, engineering enablement, and enterprise security. Reporting directly to our CISO, you’ll have real, day-to-day proximity to the teams whose productivity and security posture you are shaping. This is a full-time position based in Boston, MA and requires on-site presence, with a hybrid schedule as needed. As Director of IT & Security, you'll own the intersection of corporate IT, engineering enablement, and enterprise security. You'll report to our CISO and sit within Engineering, which means you'll have real proximity to the teams whose productivity and security posture you're shaping. Your core focus is enterprise security and corporate IT. But we're one team, and the best version of this role contributes broadly: helping engineers ship securely, supporting the compliance program where your expertise adds value, and closing gaps regardless of where they show up on an org chart. You'll inherit a capable team and a clear mandate: raise the floor on security and operational maturity while keeping Paperless Parts moving fast. We're looking for someone who has navigated company scaling before and can anticipate what we'll need before it becomes a problem.

Requirements

  • 8+ years in IT, security, or a combined role, with at least 3 years in a leadership position
  • Demonstrated experience scaling IT and/or security at a high-growth company, ideally from startup scale through a significant expansion
  • Hands-on familiarity with FedRAMP Moderate, SOC 2, or comparable compliance frameworks
  • Fluency with infrastructure and configuration as code practices (e.g., policy-as-code, automated provisioning, GitOps-style change management)
  • Experience managing and developing early-career IT and security professionals
  • Experience driving adoption of new tooling or technology across a non-technical or mixed technical/non-technical population, including designing training or enablement programs
  • You default to finding a solution, not delivering a verdict: you dig into the underlying need, do the discovery, and work with the team to find a path that actually works
  • You think in systems and anticipate second-order effects: you don't just fix what's broken, you design so it doesn't break
  • You're comfortable with ambiguity and can operate with minimal process while also being the person who builds the process
  • You communicate clearly with both technical and non-technical stakeholders, including engineers, executives, and auditors
  • You treat security as an enabler, not a gate
  • You're genuinely curious about how AI tools can make your team and the broader organization more effective, and you're energized by leading that adoption, not just advising on it

Nice To Haves

  • Experience at a SaaS company serving regulated industries (government, defense, or manufacturing)
  • Familiarity with FedRAMP Moderate authorization boundaries and the nuances of corporate vs. product scope
  • Background that spans both IT operations and security engineering
  • Experience specifically with AI tooling adoption or governance

Responsibilities

  • Own the architecture, reliability, and roadmap for our corporate IT environment
  • Lead procurement, deployment, and lifecycle management of endpoint and SaaS tooling
  • Design for developer experience as a first-class outcome, not an afterthought
  • Drive efficiency through automation: access provisioning, onboarding/offboarding workflows, and configuration management
  • Own enterprise security controls: detection, response, access management, and data protection for our internal environment
  • Manage the corporate side of our FedRAMP Moderate compliance program, including the boundary relationship between corporate IT and the product authorization boundary
  • Champion compliance and configuration as code, treating policy and security controls as versioned, auditable artifacts rather than manual processes
  • Lead audit readiness, vendor security reviews, and security awareness programs
  • Partner with the product security team on shared risk surfaces
  • Embed meaningfully in Engineering workflows rather than operating as a separate function
  • Default to ownership: operate without boundaries, pick up what falls between functions, and treat security outcomes as shared responsibility
  • Serve as a credible technical peer to engineering leads on infrastructure decisions, tooling choices, and compliance tradeoffs
  • Drive adoption of our AI tooling across the company: rollout planning, communication, and ongoing evaluation of effectiveness
  • Design and drive an AI literacy program: training, office hours, and internal documentation so teams beyond Engineering can use AI tools effectively and safely
  • Measure and report on adoption and impact of AI tooling initiatives to leadership
  • Manage and develop an IT IC, providing mentorship and clear career growth pathways
  • Build a function that scales: document playbooks, establish repeatable processes, and hire ahead of need
  • Represent IT and Security in cross-functional conversations about infrastructure investment, risk tolerance, and compliance priorities
  • Responsible for adherence to all security and privacy requirements, rules and regulations and implement as required.

Benefits

  • Competitive compensation philosophy
  • Unlimited PTO
  • 13+ paid holidays
  • Company-sponsored wellness stipend
  • Pre-tax Commuter and FSA/Dependent Care FSA
  • 401(k) plan
  • Employee recognition program
  • 100% coverage of health, dental, and vision for you and your dependent
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service