IT Security Manager

Stelle nicht auf LinkedIn

🕒 vor 14 Tagen

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

EdVisorly

WebsiteLinkedInAlle Stellen

11 - 50 Mitarbeiter

Gegründet 2019

🤖 Künstliche Intelligenz

📚 Bildung

☁️ SaaS

Artificial Intelligence • Education • SaaS

EdVisorly ist ein Unternehmen für Bildungstechnologie, das Künstliche Intelligenz einsetzt, um Hochschulübertragungsprozesse zu modernisieren und zu automatisieren, einschließlich der Bewertung von Transkripten, der Gleichwertigkeit von Transferkrediten und der Rekrutierung von Transferstudenten. Ihre EddyAI-Plattform automatisiert die Verarbeitung von Transkripten und bietet Einblicke in Einschreibedaten; EdVisorlyRecruit konzentriert sich auf die Rekrutierung von übertragungsbereiten Studenten; EddyDB erstellt eine zentrale, KI-gestützte Äquivalenzdatenbank; und EddyNavigate bietet studentenorientierte Tools für Echtzeit-Kredittransparenz. Das Unternehmen richtet sich an Universitäten, Community Colleges und andere Hochschulinstitutionen, um die Effizienz bei der Zulassung zu verbessern, die Rekrutierung zu steigern und die Entscheidungsfindung der Studenten zu optimieren.

Beschreibung

• Own EdVisorly’s day-to-day security program, translating vCISO direction into outcomes across identity, detection, data, and application security • Maintain and evolve the SOC 2 Type II compliance program—evidence collection, control mapping, policy updates, audit preparation • Draft, update, and operationalize security policies and procedures, ensuring documentation reflects real practices and company-wide acknowledgment • Develop and maintain incident response runbooks; serve as incident coordinator during events, escalating to the vCISO as needed • Lead deployment and configuration of identity and access management tools (SSO, Adaptive MFA), establishing and enforcing the company's identity perimeter • Directly own and administer identity, MFA, and email security tooling; partner with managed IT and Engineering to ensure security across all platforms • Coordinate with the MSSP on alert triage and access provisioning/deprovisioning, including governance and break-glass procedures • Serve as the primary security liaison to MilesIT, ensuring managed IT aligns with security policies and SOC 2 requirements • Design and maintain a vendor risk management intake process, including questionnaires and a critical vendor register updated quarterly • Support HR and Legal with role-based hiring security controls, background screenings, and provisioning gates • Manage the security awareness program—review effectiveness, refresh content, and conduct annual tabletop exercises • Hold regular security office hours, fostering a culture of shared ownership and security

🎯 Anforderungen

• 5+ years of information security experience, with direct ownership of security programs or workstreams • Hands-on experience with SOC 2 Type II (personally led or co-led audit cycles) • Demonstrated ability to draft and implement security policies, standards, and procedures from scratch • Experience configuring/managing security tools in a cloud-first environment (EDR, WAF, DNS security, SIEM/logging, or equivalent) • Familiarity with identity and access management tools (Okta or equivalent SSO/MFA platforms) • Strong written and verbal communication, able to explain security risks to non-technical audiences • Comfort operating with high autonomy and minimal oversight in a fast-paced, ambiguous environment • Experience in SaaS, edtech, or higher education, particularly with FERPA-adjacent or student data privacy (preferred) • Prior mentoring experience or ability to transition into a direct manager as the team grows (preferred) • Familiarity with managed security service providers and escalation workflows (preferred) • Knowledge of cloud security fundamentals (GCP, AWS, IAM, Security Command Center, GuardDuty, S3 policy, etc.) (preferred) • Exposure to application security concepts (SAST, SCA, secure SDLC) (preferred) • Experience with vendor risk management programs (questionnaire design, third-party access tiering) (preferred) • Relevant certifications: CISSP, CISM, GSEC, GCIH, or similar GIAC credentials (preferred)

🏖️ Vorteile

• Shape the future of higher education through technology, data, and design • Work with a mission-driven team that values integrity, teamwork, and excellence • Directly advance equitable access and opportunity for students nationwide • Grow your career as our company and security program scale