IT Security & Compliance Specialist

Visium ResourcesWilliamsburg, VA

About The Position

Visium Resources has a full-time job opportunity for a senior level IT Security & Compliance Specialist to spearhead security initiatives and governance frameworks. In this role, you will bridge the gap between high-level compliance and hands-on technical security engineering. You will manage our compliance pipelines, protect our fintech workflows, and champion a security-first culture across our entire organization. This job is perfect for a proactive security professional who thrives in SaaS environments and loves securing cutting-edge tech ecosystems (including cloud, mobile, and AI). Candidates must be U.S. Citizens or U.S. Permanent Resident. Annual salary range: $145,000–$175,000, plus benefits

Requirements

  • Experience managing/leading the end-to-end process of achieving and maintaining SOC 2 compliance, OR comparable/translatable audit and compliance frameworks (e.g., ISO 27001, HIPAA, PCI-DSS).
  • Recent experience preferred; minimum 5 years; multiple audits/renewals preferred.
  • A proven background working within SaaS environments, with a strong preference for candidates experienced in logistics, supply chain, or short-haul trucking platforms (specifically dealing with truck routing and fleet dispatch).
  • Proven experience serving as a primary security contact for medium to large enterprises.
  • Strong exposure to secure processes for diverse, interconnected ecosystems across web, mobile, cloud infrastructure, and APIs.
  • Ability to work hands-on with React and Node.js codebases to implement secure coding practices.
  • Direct experience with DevSecOps tools (e.g., Snyk), CI/CD pipelines, internal penetration testing, and Firestore/Firebase security rule governance.
  • Experience or strong capability in running prompt injection tests and securing LLM-powered chatbots.
  • Familiarity with cloud security, preferably within the Google Cloud Platform (GCP) and Firebase ecosystem.
  • Familiarity with modern AI security frameworks, including protecting custom AI models and securing Model Context Protocol (MCP) servers.

Nice To Haves

  • Proven deep hands-on software-security engineering is a bonus and not expected day one.

Responsibilities

  • Lead and manage the end-to-end process of achieving and maintaining our SOC 2 compliance.
  • Create, enforce, and govern comprehensive IT and Information security policies across the entire organization.
  • Serve as the primary security liaison for enterprise clients, confidently answering complex security questionnaires and navigating financial audits.
  • Interface directly with client security teams, respond to vendor security questionnaires, and optimize our IT Managed Service Provider (MSP) relationships to dictate how we best leverage them.
  • Act as a hands-on security engineer to review and improve secure coding practices across our React and Node.js codebase, ensuring the safety of our fintech workflows.
  • Manage and monitor DevSecOps tools like Snyk to catch vulnerabilities early in the CI/CD pipeline.
  • Conduct internal penetration tests, review Firebase/Firestore security rules, and rigorously develop disaster recovery plans.
  • Design and execute vulnerability testing specifically for our AI features, running prompt injection tests against our LLMs and chat-bots to ensure data integrity.
  • Take full ownership of company-wide security awareness training, actively building an internal culture of vigilance and security awareness.

Benefits

  • plus benefits
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service