IT Security Specialist
Full TimeJob Overview
We’re looking for someone great to lead critical work in Security & Compliance!
Your primary task is to strengthen our security processes and keep our agency and our clients safe. You will take extreme amounts of initiative and enthusiasm to get things done. To do this, you should have a natural curiosity to research, experiment and reach out to the right people.
Your primary task is to strengthen our security processes and keep our agency and our clients safe. You will take extreme amounts of initiative and enthusiasm to get things done. To do this, you should have a natural curiosity to research, experiment and reach out to the right people.
We’re looking for someone who is driven to build comprehensive security systems, but also practical enough to understand real-world constraints and create resilient safeguards when the ideal setup isn’t immediately available. Strong problem-solving is a must. You should be able to break down complex security issues into manageable components and execute them flawlessly.
You will be responsible for communicating with internal teams, clients, and vendors to win buy-in, explain risks, enforce compliance, and keep everyone aligned.
Key Responsibilities
- Implementing, monitoring, and maintaining endpoint and network security tools (CrowdStrike, MFA, SSO, VPNs, password managers, etc.)
- Managing user access controls and enforcing security policies across all devices (including BYOD).
- Conducting vulnerability assessments and coordinating incident response.
- Reviewing and hardening security configurations for web servers, cloud environments, and third-party integrations.
- Supporting compliance efforts for ISO 27001, GDPR, SOC 2, and similar frameworks.
- Creating and maintaining security documentation (policies, procedures, incident response plans).
- Monitoring system logs and alerts for suspicious activity and responding to events.
- Running employee security awareness training and phishing simulations.
- Collaborating with Development and DevOps to ensure secure coding and deployment practices.
- Coordinating with clients and vendors on security questionnaires, audits, and compliance requirements.
Skills, Knowledge and Expertise
- Experience: 2+ years in Endpoint Security Management, particularly for web agencies with a remote, BYOD policy.
- Communication: Strong written and verbal communication skills (you may be asked to complete a live email task during the interview)
- Grit: High persistence and follow-through to ensure people comply with security processes
- Clarity: Ability to clarify vague requests, ask smart questions, and structure security recommendations clearly
- Analysis: Strong analytical and reasoning ability