About Nue.io

About the role

OWNERSHIP MODEL

• If a customer touches it, Engineering owns it.
• If an employee uses it, IT owns it.
• If an auditor asks about it, it is a joint program with one named owner.

• Security and Compliance Council. A biweekly, 45-minute standing meeting with

• Fractional vCISO. Eight to fifteen hours per month of senior security leadership. The

What You'll Do

IT strategy and leadership

• Define and own Nue's corporate IT strategy, roadmap, and budget, translating company growth goals into a scalable IT foundation
• Build, lead, and mentor the IT team, fostering a culture of security-first thinking and operational excellence
• Drive IT maturity across the organization in support of SOC 2 and SOC 1 readiness
• Serve as the primary corporate IT decision-maker and escalation point for the business

IT architecture and infrastructure

• Define and govern standard patterns for user lifecycle, access control, and device posture across the workforce
• Own the design and evolution of corporate IT architecture: endpoints, identity, the SaaS stack, and networking
• Oversee endpoint and asset management, including MDM and EDR policies, patching, disk encryption, and auditable asset inventories
• Ensure reliable, scalable IT operations for a remote-first, globally distributed workforce

Identity, access, and SaaS governance

• Own corporate identity and access management strategy across Google Workspace, Rippling, Salesforce, Slack, Atlassian, and other core platforms
• Define and enforce role-based access control and least-privilege models, including access reviews and entitlement rationalization
• Lead SaaS vendor governance: onboarding, risk reviews, renewals, and rationalization across the stack
• Drive automation of joiner, mover, and leaver processes through HRIS and identity-provider integrations

Security, compliance, and risk

• Own the corporate IT compliance framework and maintain controls and documentation for SOC 2 and SOC 1 audits, working with the vCISO on the control matrix
• Define and oversee endpoint security, corporate identity security, and corporate SaaS hardening standards
• Own vulnerability and patch management for corporate endpoints and SaaS (production and cloud-infrastructure vulnerability management is owned by Engineering)
• Lead corporate incident response for business email compromise, phishing, account compromise, lost or stolen devices, and vendor breaches
• Coordinate customer security questionnaires and partner with Engineering and Dev Services on security assessments and risk remediation; Engineering leads on production and customer-facing controls
• Maintain a proactive stance on emerging risks and close corporate gaps before they become incidents

Operations and automation

• Oversee IT support operations, ensuring a high-quality experience across a remote-first team
• Champion automation and tooling to reduce manual toil and improve operational efficiency
• Own IT capacity planning: licenses, hardware refresh, and platform investments
• Maintain and continuously improve IT documentation, runbooks, and standards

What is not in scope

• Product security, application security, and the secure development lifecycle
• Production identity, access, and secrets management
• Cloud infrastructure security and production incident response
• Customer-facing security architecture and the technical answers behind customer security reviews

What you'll bring

• 8+ years in corporate IT, with at least 3 years in a leadership or management role at a high-growth tech company
• Proven experience building and scaling IT functions, teams, and strategy from the ground up
• Deep expertise in identity and SSO, endpoint management, and SaaS governance (Google Workspace, Rippling, IdP providers, SCIM, SAML, OIDC)
• Strong working knowledge of SOC 2 and SOC 1, and comfort owning audit readiness and the auditor relationship
• Experience leading IT through audits, security assessments, and customer risk questionnaires
• A track record of hiring, mentoring, and developing high-performing IT teams
• Excellent communication skills, able to translate complex technical decisions into clear recommendations for executive and non-technical stakeholders
• Experience supporting a distributed, remote-first workforce with async-friendly processes and documentation
• Comfort operating inside a defined IT/Engineering split and partnering with a fractional vCISO rather than owning product security directly

Compensation

What We Offer:

• Competitive compensation and benefits that reward your talent and impact.
• Comprehensive health, vision, dental, and life insurance
• A front-row seat in the Silicon Valley tech ecosystem, where you’ll work on cutting-edge challenges shaping the future of SaaS, finance, and payments.
• The opportunity to build truly groundbreaking products — your work won’t just support the business; it will influence how companies around the world monetize and grow.
• A high-energy, collaborative culture where smart, supportive teammates push each other to learn fast, think boldly, and do the best work of their careers.
• Room to grow, lead, and make your mark in a fast-scaling company that values creativity, ownership, and ambition.