IT & Security Operations Manager

Responsibilities

IT Administration

• Manage day-to-day identity and access management - Google Workspace admin, Slack admin, AI platform administration, shared inbox management
• Run employee onboarding provisioning - Day 1 account creation, checklist management, Vanta security onboarding, welcome communications, completion tracking
• Run employee offboarding - access revocation, system owner coordination, equipment return, deprovisioning verification within SLA
• Serve as the internal IT point of contact - password resets, hardware troubleshooting, software support, connectivity issues
• Manage the asset lifecycle - laptop procurement, serial number tracking, equipment reassignment, peripherals ordering
• Coordinate the annual SOC 2 audit process - project manage evidence collection, organize documentation, track control status in Vanta, follow up on remediation, and liaise with external auditors
• Execute quarterly and annual access reviews, verifying active users against the employee roster, documenting findings, and remediating stale access
• Manage Vanta day-to-day - dashboards, weekly compliance summaries, Trust Center access requests, failed test remediation
• Monitor and drive employee security compliance - agent installs, 1
  
  Password provisioning, MFA enforcement, security awareness training
• Take first pass on inbound customer security questionnaires and maintain an answer library to streamline future responses
• Track and execute data governance action items from biweekly cross-functional meetings - tool policy enforcement, vendor risk monitoring, etc.

Security & Compliance

• Coordinate the annual SOC 2 audit process - project manage evidence collection, organize documentation, track control status in Vanta, follow up on remediation, and liaise with external auditors
• Execute quarterly and annual access reviews, verifying active users against the employee roster, documenting findings, and remediating stale access
• Manage Vanta day-to-day - dashboards, weekly compliance summaries, Trust Center access requests, failed test remediation
• Monitor and drive employee security compliance - agent installs, 1
  
  Password provisioning, MFA enforcement, security awareness training
• Take first pass on inbound customer security questionnaires and maintain an answer library to streamline future responses
• Track and execute data governance action items from biweekly cross-functional meetings - tool policy enforcement, vendor risk monitoring, etc.

Business Operations

• Maintain and improve a centralized SaaS inventory - tools, seat counts, renewal dates, and costs. Keep a renewal calendar with advance notice to budget owners
• Manage new software requests - intake, triage, security review routing, approval tracking, provisioning
• Prepare vendor security assessments - collect SOC 2 reports, DPAs, and documentation for CTO review and approval
• Support office IT and facilities - conference room AV, key fob provisioning, building management coordination
• Document key processes - onboarding/offboarding runbooks, SOC 2 evidence collection guides, vendor review steps, AI usage best practices
• Identify and implement automation opportunities - workflows for onboarding triggers, access request routing, renewal reminders, and offboarding checklists

This is an opportunity to be the dedicated owner of IT and security operations at a growing SaaS company.

You will:

• Take ownership of established compliance, IT, and security programs and keep them running smoothly
• Project manage SOC 2 audit readiness as the company expands its customer base
• Identify gaps and inefficiencies in existing workflows and fix them
• Help create scalable processes that support the company through its next stage of growth
• Work cross-functionally with Engineering, Finance, and GTM teams

Success in this role means Clearstory's IT, security compliance, and corporate systems run reliably and keep getting better over time.

Clearstory is a SaaS platform modernizing how construction companies communicate, approve, and track change orders and related cost workflows. We replace paper, spreadsheets, and email with simple, trusted financial workflows that help contractors get paid…