IT & Security Operations Manager

Clearstory

$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4-7 years in IT operations, security operations, or SaaS business operations
  • Hands-on SOC 2 evidence collection and audit coordination experience
  • Google Workspace administration experience
  • Experience with compliance platforms like Vanta or Drata
  • SaaS vendor management experience
  • Comfort with automation tools to streamline workflows
  • Ability to work independently with a CTO on security operations

Responsibilities

  • Manage identity and access management for corporate systems
  • Oversee employee onboarding and offboarding processes
  • Act as the internal IT point of contact for technical support
  • Coordinate annual SOC 2 audit process and documentation
  • Execute access reviews to verify user accounts and remediate issues
  • Maintain daily operations of compliance tools like Vanta
  • Track data governance action items from biweekly meetings

Benefits

  • Competitive salary and meaningful equity ownership
  • Comprehensive health, dental, and vision coverage
  • 401(k) plan to support long-term financial goals
  • Flexible PTO and company holidays
  • Remote-friendly work environment with flexibility and autonomy
  • Opportunity to work alongside a high-caliber, mission-driven team
  • Career growth and leadership opportunities as the company scales
Full Job Description
Clearstory is looking for an IT & Security Operations Manager to manage and improve the day-to-day operations of our IT, security compliance, and corporate systems infrastructure.

We've built a solid foundation - SOC 2 compliance tooling in Vanta, structured onboarding and offboarding workflows, a vendor security review process, and a cross-functional data governance program. What we need is a dedicated owner to manage these programs day-to-day, project manage key deliverables, maintain what's already working, and identify opportunities to improve and scale as we grow.

If you thrive as the go-to person for IT, compliance coordination, and keeping an organization running smoothly, this role is for you.

Responsibilities

IT Administration
  • Manage day-to-day identity and access management - Google Workspace admin, Slack admin, AI platform administration, shared inbox management
  • Run employee onboarding provisioning - Day 1 account creation, checklist management, Vanta security onboarding, welcome communications, completion tracking
  • Run employee offboarding - access revocation, system owner coordination, equipment return, deprovisioning verification within SLA
  • Serve as the internal IT point of contact - password resets, hardware troubleshooting, software support, connectivity issues
  • Manage the asset lifecycle - laptop procurement, serial number tracking, equipment reassignment, peripherals ordering
  • Coordinate the annual SOC 2 audit process - project manage evidence collection, organize documentation, track control status in Vanta, follow up on remediation, and liaise with external auditors
  • Execute quarterly and annual access reviews, verifying active users against the employee roster, documenting findings, and remediating stale access
  • Manage Vanta day-to-day - dashboards, weekly compliance summaries, Trust Center access requests, failed test remediation
  • Monitor and drive employee security compliance - agent installs, 1Password provisioning, MFA enforcement, security awareness training
  • Take first pass on inbound customer security questionnaires and maintain an answer library to streamline future responses
  • Track and execute data governance action items from biweekly cross-functional meetings - tool policy enforcement, vendor risk monitoring, etc.

Security & Compliance
  • Coordinate the annual SOC 2 audit process - project manage evidence collection, organize documentation, track control status in Vanta, follow up on remediation, and liaise with external auditors
  • Execute quarterly and annual access reviews, verifying active users against the employee roster, documenting findings, and remediating stale access
  • Manage Vanta day-to-day - dashboards, weekly compliance summaries, Trust Center access requests, failed test remediation
  • Monitor and drive employee security compliance - agent installs, 1Password provisioning, MFA enforcement, security awareness training
  • Take first pass on inbound customer security questionnaires and maintain an answer library to streamline future responses
  • Track and execute data governance action items from biweekly cross-functional meetings - tool policy enforcement, vendor risk monitoring, etc.

Business Operations
  • Maintain and improve a centralized SaaS inventory - tools, seat counts, renewal dates, and costs. Keep a renewal calendar with advance notice to budget owners
  • Manage new software requests - intake, triage, security review routing, approval tracking, provisioning
  • Prepare vendor security assessments - collect SOC 2 reports, DPAs, and documentation for CTO review and approval
  • Support office IT and facilities - conference room AV, key fob provisioning, building management coordination
  • Document key processes - onboarding/offboarding runbooks, SOC 2 evidence collection guides, vendor review steps, AI usage best practices
  • Identify and implement automation opportunities - workflows for onboarding triggers, access request routing, renewal reminders, and offboarding checklists


The Opportunity

This is an opportunity to be the dedicated owner of IT and security operations at a growing SaaS company.

You will:
  • Take ownership of established compliance, IT, and security programs and keep them running smoothly
  • Project manage SOC 2 audit readiness as the company expands its customer base
  • Identify gaps and inefficiencies in existing workflows and fix them
  • Help create scalable processes that support the company through its next stage of growth
  • Work cross-functionally with Engineering, Finance, and GTM teams

Success in this role means Clearstory's IT, security compliance, and corporate systems run reliably and keep getting better over time.
Requirements
  • 4-7 years of experience in IT operations, security operations, or SaaS business operations
  • Hands-on SOC 2 evidence collection and audit coordination experience (not just awareness - you've done the work)
  • Google Workspace administration experience (security settings, groups)
  • Experience with compliance platforms like Vanta, Drata, or similar
  • SaaS vendor management experience - renewals, license optimization, procurement intake
  • Comfort with automation tools to streamline established workflows
  • The ability to work directly with a CTO on security operations without needing hand-holding on fundamentals
  • A builder's mindset - you'd rather create a process than follow a broken one, and you document what you build

Strong plus if you have:
  • Experience completing customer security questionnaires
  • Office or facilities coordination at a startup
  • MDM deployment experience


About You

You're a hands-on operator who gets things done without being asked. You see a problem, fix it, and move on - whether that's a password reset at 9am or prepping access review documentation at 2pm. Task size doesn't faze you because you know the small stuff and the big stuff both matter at a company this size.

You're organized and reliable. When you're asked to coordinate an offboarding or chase down a vendor's SOC 2 report, it gets done on time and nothing slips. You're comfortable working across teams - Engineering, Finance, GTM - and you can translate security and IT requirements into plain language for people who don't live in that world.

You understand that IT and security operations at a growing company isn't glamorous - but you also know it's foundational. You've seen what happens when access deprovisioning slips or when SOC 2 evidence collection becomes a fire drill. You're the person who keeps things running so that doesn't happen.

This is not a security engineering or CISO-track role - the CTO owns security architecture and policy. This is not a pure helpdesk role either - IT support is part of the job, but compliance coordination and process maintenance are the core.

Benefits

  • Competitive salary and meaningful equity ownership
  • Comprehensive health, dental, and vision coverage
  • 401(k) plan to support your long-term financial goals
  • Flexible PTO and company holidays
  • Remote-friendly work environment with flexibility and autonomy
  • Opportunity to work alongside a high-caliber, mission-driven team
  • Career growth and leadership opportunities as the company scales

Similar Jobs

More Jobs at Clearstory

More Information Technology Jobs

Find similar IT & Security Operations Manager jobs: