IT Security Lead
Human Capital is a venture firm for builders. We believe ambitious builders turn great ideas into great companies. We invest in founders, teams, and startups that share this mindset.
In the last 6 years, that mantra has led us to invest in 15 companies before they became unicorns, including Snowflake, Anduril, Livongo, and Brex (where we wrote the first check). We have over $1.3B in total capital committed and we've built a community of over 5,000 incredible, driven, ambitious builders.
Now we're looking for an Information Security Lead to help write our next chapter.
As Human Capital’s new IT Security Lead, you’ll help us build out IT infrastructure and operations to support our growing team (currently about 50 FTE). We have partnerships with external vendors in place, so you won’t have to start from scratch, but you’ll set the vision and direction to scale our IT systems and processes so that HC employees can do their best work while abiding by security best practices.
You’ll also play a key role in ensuring we keep Human Capital’s internal and client data safe, secure and compliant with applicable regulations. You’ll own the internal IT customer experience (leveraging and managing external partnerships as needed), and be a thought partner to the Workplace, Engineering, and Legal/Compliance teams when it comes to our in-office technology.
- Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
- Maintains hardware, software and network firewalls and encryption protocols.
- Administers cybersecurity policies to control physical and virtual access to systems.
- Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures.
- Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks.
- Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access.
- Researches and evaluates cybersecurity threats and performs root cause analysis.
- Assists in the creation and implementation of security solutions.
- Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
- Provisions devices/equipment with appropriate permissions for newly onboarded team members
- Supports inbound data audits and scans from 3P vendors and regulatory agencies
- 5+ years in a related role, such as IT engineering, infrastructure operations, or Information Security Engineer
- Experience successfully managing IT projects big and small (good examples might be implementing a ticketing process, an SSO implementation, an office build-out, SOC2 processes, etc.)
- Experience managing outside IT vendors
- Familiarity with Google and Microsoft cloud products and configuration management
- Direct experience with office networks and network administration/installation
- Superb customer service chops, and experience with employee onboarding and offboarding
- Ability to design and communicate clear processes; detail oriented but not rigid
- Knowledgeable in scripting, CLIs, API development (e.g. bash, shell, Python, REST, etc.), and web services to implement custom integrations and automation of system tasks
- Nice to have: InfoSec experience including SEC/RIA Compliance; crypto security experience.
- You’ve got strong influence and relationship management skills—you understand how to influence people without having direct managerial authority, and how to reach win win solutions versus being dragged into the weeds of “we can’t”
- You are highly approachable by all employees, and have superb customer service skills that make everyone feel taken care of (even when the answer is no!)
- You are a creative problem solver and able to manage decision-making independently and “think like an owner” when it comes to budgets and resources
Your application has been successfully submitted.
A venture firm for builders. We believe ambitious builders turn great ideas into great companies. We invest in founders, teams, and startups that shar...