The Role
The internal IT function doesn't exist yet in any structured form — you'll be the first hire into this role, building it from scratch inside a security-first environment. That means designing endpoint management, identity infrastructure, and compliance controls before anyone else touches them. The closest near-term milestone is SOC 2 readiness via Vanta; the longer-term mandate is a secure, scalable IT operation that can support a distributed team and enterprise-grade compliance requirements.
About the Product
An early-stage US VC-backed cybersecurity startup. The internal IT environment needs to match the security posture of the product itself — modern MDM, hardened endpoints, cloud identity, and compliance readiness (SOC 2, ISO 27001) for enterprise customers who will audit it.
The Stack: The MDM and identity layer is JumpCloud — one platform for device management and cloud identity rather than separate tools stitched together. Microsoft Intune and Azure AD / Entra ID cover the Windows and enterprise identity surface. Endpoint protection runs AV + EDR. Compliance automation is Vanta. SCCM is not in scope.
What You’ll Be Doing
- Build the internal IT function from the ground up — policies, tooling, processes, asset management, documentation; no inherited baseline to maintain
- Own endpoint lifecycle across a macOS-primary environment using JumpCloud as the core MDM + IdP layer — provisioning, configuration, policy enforcement, patching, compliance reporting
- Administer Microsoft Azure AD / Entra ID and Microsoft Intune for identity, access, and endpoint security enforcement
- Oversee endpoint protection: AV and EDR deployment, coverage, and operational response
- Lead the SOC 2 audit preparation with Vanta as the compliance platform — own the IT controls layer end to end
- Build and manage lab environments across Windows and Linux for testing, validation, and security tooling evaluation
- Harden the IT security posture — access controls, IAM policies, identity hygiene — across a remote-first, distributed team
- Partner with security and compliance stakeholders on ISO 27001 readiness and ongoing control maintenance
What We Expect
Must-Have
- 8+ years in IT administration, IT operations, or corporate IT
- Hands-on macOS administration at scale
- Experience with JumpCloud or comparable combined MDM + IdP platforms (unified device management and identity in a single stack)
- Strong hands-on experience with Microsoft Azure AD / Entra ID and Microsoft Intune
- Experience administering AV and EDR platforms in production environments
- Proven involvement in SOC 2 or ISO 27001 preparation — owning IT controls, not just participating
- Experience building and managing lab environments on Windows and Linux
- Comfortable operating independently as the first IT person: no existing team, no inherited runbooks
- Strong documentation and communication skills; able to work cross-functionally with security, compliance, and leadership
Nice to Have
- Experience with Okta or other identity platforms beyond JumpCloud
- Previous IT Team Lead or people management experience
- Background in fast-scaling or security-focused organizations
- Familiarity with Vanta as a compliance automation platform
Why This Role Is Worth Your Time
- You're the founding IT hire — the function is yours to design, not inherit
- SOC 2 via Vanta is the immediate concrete project; ISO 27001 follows — real compliance ownership, not support work
- The domain is cybersecurity: the internal IT bar matches what the company sells, which makes the work technically honest
- Direct path to IT leadership as the company scales and the team grows under you