IT Security Manager

Vaga não está no LinkedIn

🕒 Junho 1

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

EdVisorly

SiteLinkedInTodas as Vagas

11 - 50 funcionários

Fundada em 2019

🤖 Inteligência Artificial

📚 Educação

☁️ SaaS

Artificial Intelligence • Education • SaaS

A EdVisorly é uma empresa de tecnologia educacional que utiliza IA para modernizar e automatizar os processos de transferência universitária, incluindo avaliação de históricos escolares, equivalência de créditos de transferência e recrutamento de estudantes transferidos. Sua plataforma EddyAI automatiza o processamento de históricos e fornece insights sobre dados de matrícula; o EdVisorlyRecruit foca no recrutamento de estudantes prontos para transferência; o EddyDB cria um banco de dados centralizado de equivalências alimentado por IA; e o EddyNavigate oferece ferramentas voltadas para estudantes para transparência de créditos em tempo real. A empresa tem como público-alvo universidades, faculdades comunitárias e outras instituições de ensino superior para melhorar a eficiência das admissões, impulsionar o recrutamento e aprimorar a tomada de decisão dos estudantes.

Descrição

• Own EdVisorly’s day-to-day security program, translating vCISO direction into outcomes across identity, detection, data, and application security • Maintain and evolve the SOC 2 Type II compliance program—evidence collection, control mapping, policy updates, audit preparation • Draft, update, and operationalize security policies and procedures, ensuring documentation reflects real practices and company-wide acknowledgment • Develop and maintain incident response runbooks; serve as incident coordinator during events, escalating to the vCISO as needed • Lead deployment and configuration of identity and access management tools (SSO, Adaptive MFA), establishing and enforcing the company's identity perimeter • Directly own and administer identity, MFA, and email security tooling; partner with managed IT and Engineering to ensure security across all platforms • Coordinate with the MSSP on alert triage and access provisioning/deprovisioning, including governance and break-glass procedures • Serve as the primary security liaison to MilesIT, ensuring managed IT aligns with security policies and SOC 2 requirements • Design and maintain a vendor risk management intake process, including questionnaires and a critical vendor register updated quarterly • Support HR and Legal with role-based hiring security controls, background screenings, and provisioning gates • Manage the security awareness program—review effectiveness, refresh content, and conduct annual tabletop exercises • Hold regular security office hours, fostering a culture of shared ownership and security

🎯 Requisitos

• 5+ years of information security experience, with direct ownership of security programs or workstreams • Hands-on experience with SOC 2 Type II (personally led or co-led audit cycles) • Demonstrated ability to draft and implement security policies, standards, and procedures from scratch • Experience configuring/managing security tools in a cloud-first environment (EDR, WAF, DNS security, SIEM/logging, or equivalent) • Familiarity with identity and access management tools (Okta or equivalent SSO/MFA platforms) • Strong written and verbal communication, able to explain security risks to non-technical audiences • Comfort operating with high autonomy and minimal oversight in a fast-paced, ambiguous environment • Experience in SaaS, edtech, or higher education, particularly with FERPA-adjacent or student data privacy (preferred) • Prior mentoring experience or ability to transition into a direct manager as the team grows (preferred) • Familiarity with managed security service providers and escalation workflows (preferred) • Knowledge of cloud security fundamentals (GCP, AWS, IAM, Security Command Center, GuardDuty, S3 policy, etc.) (preferred) • Exposure to application security concepts (SAST, SCA, secure SDLC) (preferred) • Experience with vendor risk management programs (questionnaire design, third-party access tiering) (preferred) • Relevant certifications: CISSP, CISM, GSEC, GCIH, or similar GIAC credentials (preferred)

🏖️ Benefícios

• Shape the future of higher education through technology, data, and design • Work with a mission-driven team that values integrity, teamwork, and excellence • Directly advance equitable access and opportunity for students nationwide • Grow your career as our company and security program scale