• Implement, maintain, and assess security controls for Azure and hybrid enterprise systems in accordance with organizational policies and applicable cybersecurity standards • Support security compliance and authorization activities, including preparation, review, and maintenance of required security documentation and artifacts • Conduct security control validation, vulnerability analysis, and risk assessment activities across systems and platforms • Monitor system security posture and coordinate with engineering teams to remediate identified vulnerabilities and findings • Provide IA guidance during system changes, deployments, and upgrades to ensure security controls remain effective and compliant • Support incident response and cybersecurity event handling, including analysis, containment support, and post-incident remediation activities • Review system configurations, architectures, and operational procedures to identify security gaps and risk areas • Collaborate with Senior Azure Systems & Platform Engineers and Azure Architects to ensure security requirements are integrated into system designs and implementations • Assist with continuous monitoring activities, including review of security-relevant logs, alerts, and assessment results • Support audits, inspections, and compliance reviews by providing technical input, evidence, and security expertise • Track and manage plans of action and milestones (POA&M) and remediation efforts, as applicable • Maintain accurate security documentation, including control implementations, assessment results, and remediation records • Ensure compliance with DoD 8140 / DCWF qualification requirements and maintain required professional certifications and continuing education

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This is a hands-on role for a highly motivated and experienced Information Security Officer. In this quickly developing organization, you will be expected to be a strong team player who can also independently drive key security initiatives as the information security department matures. This role requires a blend of technical expertise and managerial experience. - Develop and implement security policies, standards, and procedures in collaboration with relevant teams to protect organizational data and systems. - Document data architecture, integrations, and security controls, ensuring ongoing maintenance and adherence to security best practices. - Manage and lead an Information Security team, partnering with key stakeholders in IT, Technologies and other parts of the business as needed. - Continuously analyze and anticipate enterprise-wide security needs, including threat detection, incident response, and capacity planning. - Manage organizational security tools, including zero-trust access tools, to support secure authentication (e.g., SSO, O-Auth) and access control across all applications. - Oversee the management of MDM suites across Windows, Mac, and mobile devices, including inventory management, software deployment, and endpoint security policies. - Conduct continuous analysis of security processes, technologies, and vendors to identify and implement improvements that enhance our security posture. - Monitor vendors to ensure they meet security requirements and provide the best possible service and value via Third Party Risk Reviews and other needed processes. - Develop and conduct security training for employees to promote a security-aware culture. - Document support models for endpoints, cloud assets, mobile devices, and SaaS applications (e.g., Okta, Google Workspace), focusing on secure configuration and maintenance. - Prepare cost-benefit analyses for security upgrades and new technologies. - Ensure that our security measures and technical capabilities align with audit standards, such as SOC2 and NIST. - Follow standards set for Information Security Officer as set forth in NIST 800-53. - Efficiently manage our security software and hardware inventory, including licensing and cost management. Qualifications - At least three years of experience in a role focused on information security, with a strong emphasis on endpoint management in a zero-trust environment. - A proven track record of troubleshooting, documentation, and managing information security policies and best practices. - Strong practical knowledge of scripting, programming, encryption, and digital security. - In-depth understanding of network architecture and security principles, including cloud-based security (e.g., cloud access security brokers, firewalls, and security monitoring). - Expertise in SaaS application operations, integrations, and secure onboarding, particularly with platforms like Google Workspace. - Experience with and deep knowledge of security frameworks and compliance standards, such as ITIL, SOC2, NIST SP 800-171, PCI, and HIPAA. - Excellent communication, interpersonal, and leadership skills, with the ability to manage conflict and provide effective guidance. - Superior problem-solving, critical thinking, and decision-making abilities. - Great project management skills, including organization, planning, time management, and prioritization. - Excellent attention to detail and a customer service mindset. Benefits - Medical, dental and vision insurance - $4,400 annual HSA contribution - Paytient Health Payment Account (HPA) - Monthly lifestyle spending stipend - Five weeks of annual PTO - Week-long fully paid 'summer break' for all employees! - Ten weeks of bonding leave for new parents - Two weeks of caregiver leave - Employer paid short-term and long-term disability - 401k plan access with a 4% employer match - Stock options in Paytient - ...and more!

About OpenSesame OpenSesame is the trusted partner for Workforce Reinvention in the age of AI. OpenSesame delivers integrated software, curated and customizable content, and expert services – embedded into existing learning, HR, and work systems – to help organizations expand their human+AI potential and thrive through change. Learn more: www.opensesame.com/about About the Job We are seeking a strong, organized IT leader who wants to take an existing helpdesk and sysadmin organization and elevate them from reactive support to a proactive, process-driven internal service organization. This is a working manager role for someone who thrives at the intersection of: - People leadership and coaching - Project and roadmap ownership - Process design and operational rigor - Security-minded systems thinking A key priority for this role is establishing a reliable, automated, and audit-ready employee onboarding and offboarding program that works flawlessly across departments. This leader will bring structure, accountability, and measurable improvement to IT operations while developing a high-performing team. Performance Objectives: In your first 90 days, you will be getting the lay of the land with both your teams and OpenSesame. Success at 90 days means you have clarity on gaps, a prioritized roadmap, and early momentum toward operational improvements. - People: - Build strong relationships with team members and understand career goals. - Assess strengths, skill gaps, and coaching opportunities. - Understand your team’s process and how people work together. - Participate in regular team workflows to gain hands-on context. - Get to know your peers in compliance, engineering and across the company. - Product: - Gain hands-on familiarity with core IT tools and workflows. - Develop a reasonable understanding of the company tool ecosystem and ensure documentation is up to date. - Ride along with a vendor evaluation and/or renewal - Coach team members in collectively owning their work. - Audit the current onboarding/offboarding process end-to-end. - Process: - Review the team productivity and quality metrics and OKRs. - Assess helpdesk SLAs, ticket workflows, and project intake. - Identify bottlenecks, documentation gaps, and automation opportunities. - Develop a 6–12 month improvement roadmap. - Take the reins for the process overall and evolve it further. - Propose a structured, cross-functional onboarding/offboarding framework. Within 6 months, your team is aligned, projects are moving predictably, and onboarding/offboarding is measurably improving. - People: - Develop senior team members into player-coaches. - Establish clear ownership areas within the team. - Improve visibility into team workload and capacity. - Collaborate with compliance and engineering to have a shared security stance vision. - Communicate about complex migrations with groups, potentially the entire company, at a high level of quality. - Product: - Own the IT project roadmap and prioritization process. - Lead cross-functional IT initiatives (e.g., migrations, security improvements, system rollouts). - Own 2-3 Vendor relationships. - Begin to quantify vendor evaluation needs based on data. - Collaborate and advocate for your vision for the project roadmap and priorities. - Process: - Own the application authentication stance for the company. - Prioritize automation over hands-on action in more critical systems. - Create disaster recovery processes for critical systems. - Launch ongoing process improvement experiments backed by data. - Implement measurable KPIs for onboarding/offboarding efficiency and accuracy. By the end of your first year, you will have established yourself as a relied upon partner to most teams in OpenSesame and are working, often behind the scenes, for your team to keep them productively supporting all of the company's initiatives. IT runs with clarity and discipline. - IT operates as a proactive partner, not just a service desk. - You consistently understand team health, performance, and development needs. - The team demonstrates ownership, accountability, and continuous improvement. - Onboarding/offboarding is automated, documented, and audit-ready. - Authentication and access management follow defined standards. - Vendor spend and risk decisions are data-driven. - Learning always, improving constantly. - You are a trusted cross-functional partner influencing company-wide initiatives. You might notice we don’t have the typical list of requirements and buzzwords here. That’s intentional. We’re looking for proven examples from your career that show you can do this job — that you’ve built systems, driven alignment, and created impact at scale. When you look back a year from now, you’ll know you’ve made OpenSesame better, faster, and stronger because of your leadership. Although it should go without saying (but it doesn’t), OpenSesame is an equal opportunity employer and we strive to create a welcoming, inclusive environment that celebrates diversity. Location: This position can be based anywhere in the US. We operate as a remote-first company, and invest in mandatory all-company meetings several times a year in addition to required team travel as necessary. Performance Driven: We're looking for self-starters with a track record of delivering excellent results, but we're highly selective about who we hire. We don't focus on typical job requirements, instead, we're interested in specific examples from your past experiences. All positions can be based anywhere in the US, and require up to 15 days of travel per year, with senior management and leadership teams requiring up to 35 days. Compensation: The base salary for this position generally ranges between $120,000 and $160,000, depending on experience. At OpenSesame, we offer a comprehensive benefits package to employees upon hire, including professional development, ISOs, health insurance, 401(k) matching, and paid time off. Equal Employment Opportunity: OpenSesame is an Equal Employment Opportunity and Affirmative Action employer that values and welcomes diversity. We do not discriminate on the basis of various legally protected characteristics, including criminal history, and strive to provide reasonable accommodations to qualified individuals with disabilities. We prioritize safety and security and may use your information accordingly, and you can contact us for assistance or accommodations during the job application process. Pay Transparency: At OpenSesame, we prioritize pay transparency, fairness, and equity to create a positive and inclusive work environment, regularly reviewing our compensation practices to align with our values and goals. We provide competitive and fair compensation to our employees based on their skills, experience, and performance. CPRA (California Candidates): When you submit your application, OpenSesame may collect and use your personal information in accordance with our privacy policy and the CPRA. This may include personal details and employment history, and will only be used for employment-related purposes. We may share this information with third-party service providers, but we will not sell it to third parties. If you have any questions or concerns, please contact us, and for more information on your rights under the CPRA, refer to our privacy policy or the California Attorney General's website. We Care About Your Security: We’ve been made aware of a phishing scam involving individuals impersonating OpenSesame recruiters. All legitimate communication from our team will come from @opensesame.com email addresses. If you receive a suspicious message, please contact us directly at careers@opensesame.com. Your security matters to us, thank you for staying vigilant.

• Recruit, hire, and develop world-class specialist sales talent while building development plans to coach and motivate the team to overachieve on targets • Act as the GM of your business to create a strategic plan for success and provide accurate monthly, quarterly, and yearly forecasts • Align with regional sales leadership, field sales, marketing, and partners to prioritize focused revenue attainment within a matrixed organization • Engage with Product Management, Product Marketing, Services, and other cross-functional teams to drive continuous performance improvement