IT & Security Operations Manager

Clearstory is looking for an IT & Security Operations Manager to manage and improve the day-to-day operations of our IT, security compliance, and corporate systems infrastructure. We've built a solid foundation - SOC 2 compliance tooling in Vanta, structured onboarding and offboarding workflows, a vendor security review process, and a cross-functional data governance program. What we need is a dedicated owner to manage these programs day-to-day, project manage key deliverables, maintain what's already working, and identify opportunities to improve and scale as we grow. If you thrive as the go-to person for IT, compliance coordination, and keeping an organization running smoothly, this role is for you. Responsibilities IT Administration Manage day-to-day identity and access management - Google Workspace admin, Slack admin, AI platform administration, shared inbox management Run employee onboarding provisioning - Day 1 account creation, checklist management, Vanta security onboarding, welcome communications, completion tracking Run employee offboarding - access revocation, system owner coordination, equipment return, deprovisioning verification within SLA Serve as the internal IT point of contact - password resets, hardware troubleshooting, software support, connectivity issues Manage the asset lifecycle - laptop procurement, serial number tracking, equipment reassignment, peripherals ordering Coordinate the annual SOC 2 audit process - project manage evidence collection, organize documentation, track control status in Vanta, follow up on remediation, and liaise with external auditors Execute quarterly and annual access reviews, verifying active users against the employee roster, documenting findings, and remediating stale access Manage Vanta day-to-day - dashboards, weekly compliance summaries, Trust Center access requests, failed test remediation Monitor and drive employee security compliance - agent installs, 1Password provisioning, MFA enforcement, security awareness training Take first pass on inbound customer security questionnaires and maintain an answer library to streamline future responses Track and execute data governance action items from biweekly cross-functional meetings - tool policy enforcement, vendor risk monitoring, etc. Security & Compliance Coordinate the annual SOC 2 audit process - project manage evidence collection, organize documentation, track control status in Vanta, follow up on remediation, and liaise with external auditors Execute quarterly and annual access reviews, verifying active users against the employee roster, documenting findings, and remediating stale access Manage Vanta day-to-day - dashboards, weekly compliance summaries, Trust Center access requests, failed test remediation Monitor and drive employee security compliance - agent installs, 1Password provisioning, MFA enforcement, security awareness training Take first pass on inbound customer security questionnaires and maintain an answer library to streamline future responses Track and execute data governance action items from biweekly cross-functional meetings - tool policy enforcement, vendor risk monitoring, etc. Business Operations Maintain and improve a centralized SaaS inventory - tools, seat counts, renewal dates, and costs. Keep a renewal calendar with advance notice to budget owners Manage new software requests - intake, triage, security review routing, approval tracking, provisioning Prepare vendor security assessments - collect SOC 2 reports, DPAs, and documentation for CTO review and approval Support office IT and facilities - conference room AV, key fob provisioning, building management coordination Document key processes - onboarding/offboarding runbooks, SOC 2 evidence collection guides, vendor review steps, AI usage best practices Identify and implement automation opportunities - workflows for onboarding triggers, access request routing, renewal reminders, and offboarding checklists The Opportunity This is an opportunity to be the dedicated owner of IT and security operations at a growing SaaS company. You will: Take ownership of established compliance, IT, and security programs and keep them running smoothly Project manage SOC 2 audit readiness as the company expands its customer base Identify gaps and inefficiencies in existing workflows and fix them Help create scalable processes that support the company through its next stage of growth Work cross-functionally with Engineering, Finance, and GTM teams Success in this role means Clearstory's IT, security compliance, and corporate systems run reliably and keep getting better over time. The Company You'll Join Clearstory is a SaaS platform modernizing how construction companies communicate, approve, and track change orders and related cost workflows. We replace paper, spreadsheets, and email with simple, trusted financial workflows that help contractors get paid accurately and on time. We are a Series B, 100% SaaS company with strong product-market fit, growing six-figure deals, and a large, underserved TAM. Our customers love us, our retention is strong, and we are building for long-term impact.