Senior IT Security Engineer

About The Role:

The Senior IT Security Engineer is a hands‑on, cross‑functional role within Venture Well's Information Technology (IT) team, responsible for both secure systems engineering and cybersecurity governance, risk, and compliance (GRC). This role owns the security and reliability of Venture Well's macOS fleet, SaaS ecosystem, and cloud infrastructure while supporting compliance with NIST SP 800‑171 and CMMC Level 2.

This role is both strategic and execution‑focused, requiring the ability to think holistically about how Venture Well's systems and security posture should evolve, while also rolling up your sleeves to implement, support and continuously improve those systems in day‑to‑day operations.

You will proactively identify gaps and opportunities to strengthen security and system reliability and scalability, helping to mature Venture Well's IT and security practices as the organization grows.

This position is ideal for someone who is equally comfortable engineering systems, securing them, and documenting how and why they are secured. You will work closely with IT leadership to implement security‑by‑design practices, respond to incidents, maintain audit readiness, and serve as a senior escalation point for complex technical and security issues.

You will operate with a high degree of autonomy, managing priorities across multiple systems and initiatives while balancing immediate operational needs with longer‑term improvements.

• Manage Venture Well's device fleet (macOS, iOS, iPadOS) using Jamf, including configuration profiles, patching, encryption enforcement, and endpoint hardening
• Configure, administer, and secure SaaS platforms including Google Workspace, Okta, Slack, Zoom, Salesforce, Box, and Better Cloud, including integrations and lifecycle management
• Administer and maintain cloud‑based systems and services (including AWS), partnering with vendors and internal teams to ensure uptime and security
• Serve as the escalation point for complex technical issues related to SaaS platforms, device management, identity systems, and integrations
• Maintain a transparent, documented SaaS application inventory and support software request review, vetting, and decision documentation
• Develop and maintain SOPs and technical documentation for systems, integrations, and operational processes
• Identify opportunities to improve system architecture, scalability, and reliability across SaaS and cloud environments and lead implementation of those improvements
• Evaluate and recommend new tools, technologies and integrations to enhance system performance, security and operational efficiency
• Drive continuous improvement of IT systems and processes, balancing day‑to‑day operational support with longer‑term optimization initiatives

• Monitor and respond to security alerts, vulnerability findings, and threat intelligence across endpoint, SaaS, and cloud environments
• Perform root cause analysis on security incidents and recommend corrective actions
• Manage endpoint security tooling and monitoring (e.g., Jamf Protect) and integrate telemetry with logging platforms (e.g., Datadog, Cloud Watch)
• Lead vulnerability scans, penetration test coordination, and remediation tracking
• Review logs and security reports to identify risks, trends, and required remediation
• Proactively identify security gaps, risks and emerging threats and implement improvements to strengthen Venture Well's overall security posture
• Continuously enhance monitoring, detection and response capabilities across endpoint, SaaS and cloud environments
• Partner with internal team members to prioritize and remediate vulnerabilities based on risk, business impact and organizational priorities

• Support implementation and ongoing maintenance of NIST SP 800‑171 and CMMC Level 2 controls
• Maintain and update the System Security Plan (SSP) and Plan of Action & Milestones (POA&M)
• Draft, review, and maintain security policies, standards, baselines, and procedures
• Conduct Security Impact Analyses (SIA) for system changes,…