IT and Security Operations Manager

What we do 

At Civis, we take a science-first approach to solving business problems using person-level data. With a blend of proprietary technology and statistical advisory services, we help public and private sector organizations find, understand and connect with the people they care about, so they can stop guessing and start using mathematical proof to guide decisions. We know others use “data science” and “analytics” as buzzwords, but at Civis we don’t stand for fluff, and we will always deliver scalable products and technologies — not PowerPoints — to drive your business forward. Learn more about Civis at www.civisanalytics.com. 

Our mission 

Our mission is to bring objective, data-driven truth to organizational decision-making – all the way from the boardroom to the world’s largest social causes. 

What we are looking for 

We are seeking a hands-on IT and Security Operations Manager to lead and optimize our IT and information security functions. This role will manage a small team responsible for IT operations and security compliance while directly contributing to key initiatives, particularly FedRAMP authorization. The ideal candidate is a strong program manager with a deep understanding of security frameworks, compliance requirements, and IT operational best practices.

Responsibilities

Team Management & Leadership

• Manage a small team, including a Senior IT Support Specialist and a Security Analyst II.
• Provide mentorship, guidance, and professional development for team members.
• Balance team workload and ensure alignment with organizational priorities.
• Stay informed of emerging IT and security trends, assessing their applicability to Civis.
• Research and evaluate new technologies to enhance IT operations and compliance processes.
• Build and maintain relationships with vendors, ensuring cost-effective and efficient solutions.

IT Operations

• Oversee internal IT infrastructure, ensuring employees have the tools to perform securely and efficiently.
• Manage critical IT systems and tools, such as Okta, GSuite, Slack, and Kandji.
• Develop and enforce IT operational processes, ensuring scalability and efficiency.
• Support incident response activities, coordinating with stakeholders during investigations and remediation.

Security and Compliance

• Conduct compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments.
• Serve as the subject-matter expert on SOC2, FedRAMP, and NIST 800-53 frameworks.
• Maintain FedRAMP Authorization package, including the System Security Plan (SSP) and Plan of Action & Milestones (POA&M).
• Collaborate with stakeholders to develop remediation plans, track progress, and report on compliance initiatives.
• Lead evidence collection and documentation efforts for internal and external audits.
• Perform continuous monitoring activities and maintain metrics to track the health of IT and security controls.
• Respond to customer security questionnaires and talk directly to clients as required.

Qualifications

Required Skills & Experience

• 5+ years of experience in IT and/or security, with 2+ years in a leadership role.
• Proven experience managing security frameworks such as FedRAMP, SOC2, or NIST 800-53.
• Strong technical understanding of IT tools, including Mac OS X, mobile device management software (e.g., Jamf Pro, Kandji), and SaaS platforms.
• Familiarity with operating in a cloud environment
• Excellent communication skills, particularly the ability to explain technical concepts to non-technical audiences.
• Demonstrated ability to balance strategic oversight with day-to-day management tasks.

Preferred Skills

• Program management experience, particularly with FedRAMP or similar program
• Experience with IT security automation and infrastructure as code.
• Vendor management and contract negotiation experience.
• Prior experience in a B2B SaaS, cloud-first environment.

All employees either must be fully vaccinated against COVID-19, initiate vaccination before your start date, or file an exemption request prior to start date per company policy for review. 

Who we are 

At Civis, we have opportunities for applicants who are newcomers, seasoned professionals, and anywhere in between. Our teams are energized by complex challenges and value diversity of thought. Opportunities to stand out and inspire happen daily and we trust and encourage you to act on your ideas – no matter how big they are. We offer you the tools and community you need to do your best work. Each of us is committed to holding ourselves accountable for results, challenging the status quo and finding new ways to grow our company and each other. 

Why join our team? 

• Salary: $125,000 (a cost of living adjustment may be added for qualifying locations)
• The opportunity to be part of a growing tech startup focused on solving interesting and meaningful problems, invested in internal promotion, and committed to fostering a diverse, equal and inclusive workplace. 
• Competitive benefits, including unlimited vacation and sick time, 401K match with immediate vesting, health, dental, and vision benefits, fully paid parental leave, commuter benefits, and pet insurance.

Civis embraces the individuality of our employees and we celebrate each other's differences. Our products, services, and culture benefit from and thrive on the unique perspectives brought by each person in our Civis community. We're proud to be an equal opportunity workplace, and we are committed to equal employment opportunity regardless of race, age, sex, color, ancestry, religion, national origin, sexual orientation, gender identity, citizenship, marital status, disability, or Veteran status. If you have a disability or special need that requires accommodation, please contact us internalrecruiting@civisanalytics.com. 

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States. 

EEO IS THE LAW

EEO Supplement

Pay Transparency