IT and Security Operations Manager

Summary

Join Civis Analytics as their hands-on IT and Security Operations Manager, leading and optimizing IT and information security functions. You will manage a small team, ensuring IT operations and security compliance while contributing to key initiatives like FedRAMP authorization. The ideal candidate is a strong program manager with deep understanding of security frameworks and IT best practices. Responsibilities include team management, IT operations oversight, security and compliance, and vendor relationship management. This role requires significant experience in IT and security, proven experience with specific security frameworks, and strong technical understanding of various IT tools. Preferred qualifications include program management experience, particularly with FedRAMP, and experience with IT security automation. Civis offers competitive benefits, including unlimited vacation and sick time, 401K match, health, dental, and vision benefits, fully paid parental leave, commuter benefits, and pet insurance.

Requirements

• 5+ years of experience in IT and/or security, with 2+ years in a leadership role
• Proven experience managing security frameworks such as FedRAMP, SOC2, or NIST 800-53
• Strong technical understanding of IT tools, including Mac OS X, mobile device management software (e.g., Jamf Pro, Kandji), and SaaS platforms
• Familiarity with operating in a cloud environment
• Excellent communication skills, particularly the ability to explain technical concepts to non-technical audiences
• Demonstrated ability to balance strategic oversight with day-to-day management tasks
• All employees either must be fully vaccinated against COVID-19, initiate vaccination before your start date, or file an exemption request prior to start date per company policy for review

Responsibilities

• Manage a small team, including a Senior IT Support Specialist and a Security Analyst II
• Provide mentorship, guidance, and professional development for team members
• Balance team workload and ensure alignment with organizational priorities
• Stay informed of emerging IT and security trends, assessing their applicability to Civis
• Research and evaluate new technologies to enhance IT operations and compliance processes
• Build and maintain relationships with vendors, ensuring cost-effective and efficient solutions
• Oversee internal IT infrastructure, ensuring employees have the tools to perform securely and efficiently
• Manage critical IT systems and tools, such as Okta, GSuite, Slack, and Kandji
• Develop and enforce IT operational processes, ensuring scalability and efficiency
• Support incident response activities, coordinating with stakeholders during investigations and remediation
• Conduct compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments
• Serve as the subject-matter expert on SOC2, FedRAMP, and NIST 800-53 frameworks
• Maintain FedRAMP Authorization package, including the System Security Plan (SSP) and Plan of Action & Milestones (POA&M)
• Collaborate with stakeholders to develop remediation plans, track progress, and report on compliance initiatives
• Lead evidence collection and documentation efforts for internal and external audits
• Perform continuous monitoring activities and maintain metrics to track the health of IT and security controls
• Respond to customer security questionnaires and talk directly to clients as required

Preferred Qualifications

• Program management experience, particularly with FedRAMP or similar program
• Experience with IT security automation and infrastructure as code
• Vendor management and contract negotiation experience
• Prior experience in a B2B SaaS, cloud-first environment

Benefits

• Salary: $125,000 (a cost of living adjustment may be added for qualifying locations)
• Competitive benefits, including unlimited vacation and sick time
• 401K match with immediate vesting
• Health, dental, and vision benefits
• Fully paid parental leave
• Commuter benefits
• Pet insurance