IT, Security & Compliance Lead

Mpathic

IT, Compliance / Regulatory
United States · Colorado, USA · Denver, CO, USA
USD 120k-160k / year + Equity
Posted on Dec 19, 2025

About mpathic
mpathic is building the future of empathetic, trustworthy AI. Grounded in behavioral science and human-centered design, our technology delivers AI systems that are safe, aligned, and emotionally intelligent. As enterprises race to adopt AI, we believe the companies that win will be those that build trust first.

We are seeking a senior, hands-on leader to own our internal IT, security, and compliance function as we scale. This role is ideal for someone who enjoys building systems from the ground up, operating with autonomy, and balancing strong security practices with the realities of a growing, remote-first company.

About the Role

This role will serve as the primary owner of internal IT operations, security engineering, and compliance initiatives at mpathic. You will lead SOC 2 and other compliance efforts end-to-end, design and maintain secure IT systems, and partner closely with leadership, engineering, and vendors to ensure a strong security posture while enabling productivity.

Core Responsibilities:

  • Own internal IT systems including identity management, device management, endpoint security, and SaaS tooling.
  • Lead SOC 2 and other compliance programs, including audit readiness, evidence collection, auditor coordination, and remediation.
  • Design, implement, and maintain security controls such as access controls, encryption, logging, and vulnerability management.
  • Develop and maintain security policies, procedures, and documentation aligned with frameworks such as SOC 2, NIST, and ISO 27001.
  • Manage identity lifecycle processes, including onboarding, offboarding, and access reviews using least-privilege principles.
  • Evaluate, select, and implement IT and security tools (MDM, EDR, SSO/IdP, DLP, logging).
  • Oversee vendor security reviews and third-party risk management.
  • Partner with engineering and operations to ensure secure configurations across cloud infrastructure and SaaS applications.
  • Participate in incident response activities and drive continuous improvement from security events.
  • Automate IT and security workflows where possible to improve efficiency and reliability.

About You

  • 5+ years of experience across IT, security engineering, or compliance-focused roles
  • Hands-on experience leading SOC 2 audits (Type I or II) or comparable compliance efforts
  • Strong understanding of identity and access management, endpoint security, and SaaS security configuration
  • Experience working in cloud-first environments (AWS, GCP, or Azure)
  • Comfortable owning ambiguous, cross-functional problems and prioritizing pragmatically
  • Strong communication skills and the ability to work effectively with both technical and non-technical stakeholders
  • Experience with scripting or automation for IT/security workflows is a plus

Compensation & Benefits

Base salary range: $120,000 – $160,000, plus equity and comprehensive benefits. Final compensation will be based on experience, scope, and level. mpathic offers 100% employer-funded healthcare, flexible managed PTO, training and education funding, and regular in-person retreats.

Life at mpathic

mpathic is a remote-first company committed to work-life balance, inclusion, and equity. We are proud to be an Equal Employment Opportunity employer and encourage candidates from underrepresented backgrounds to apply.