This job was posted more than 40 days ago and might be expired.
WeaveGrid, Inc. logo

Information Security & IT Senior Manager

Posted about 2 months ago

RemoteSan Francisco Preferred115k - 163k USD

About Us

Our software solves the most critical emerging grid integration challenges to ensure that the impending energy transition is clean, equitable, and resilient. Our enterprise solutions help the grid absorb the electrification wave with ease. Utilizing modern, cloud-native platform architecture and robust systems optimization, WeaveGrid’s software is built from the ground up to tackle the most critical network challenges while meeting the stringent regulatory, security, and reliability requirements of the utility industry.

About the Job

WeaveGrid is looking for a mission-driven, highly independent, action-oriented information security and information technology professional to oversee its InfoSec and IT functions. You will oversee the company’s IT vendor(s), security and compliance, and drive AI and technology adoption within the business.

Key responsibilities include:

  • Own and execute WeaveGrid's information security and IT program end-to-end — this is a high-impact, hands-on IC role.

  • Maintain cloud security posture across AWS (IAM governance, configuration review, cloud-native security tooling)

  • Own the corporate security control environment — EDR, email security, identity governance, network monitoring, DLP

  • Oversee strategy and day-to-day management of our IT services contractor(s). Ensure operational excellence and intervene as needed to ensure timely responses to internal stakeholders.

  • Serve as the internal technical owner of the corporate IT environment and escalation point for security-intersecting IT issues

  • Manage SOC 2 Type II compliance across all five Trust Service Criteria, including auditor relationships and evidence collection

  • Support CCPA and privacy compliance by monitoring and managing data subject access requests and the associated overarching process, applicable website technologies, and ad hoc privacy requests, in partnership with the Legal team.

  • Own application security for our web and mobile products, including coordinating annual penetration tests and driving remediation with Engineering.

  • Run the vulnerability management program — prioritization, tracking, and reporting.

  • Manage incident response — maintain the IR plan, run tabletop exercises, and handle real incidents through to post-mortem.

  • Maintain and test BC/DR plans in coordination with Engineering and Operations.

  • Conduct and document quarterly access reviews across critical systems.

  • Review security terms in vendor and customer contracts; complete customer security questionnaires; run vendor risk assessments.

  • Help administer the personnel security program (security awareness training, onboarding/offboarding controls) in partnership with the People team.

  • Lead the company’s Information Security & IT Committee — evaluating tools, defining acceptable use, and managing data exposure risk across sanctioned tools, including AI platforms

  • Drive AI and new technology adoption within WeaveGrid, engaging internal and external stakeholders as applicable

 
 

About You

Qualifications

Required

  • 7+ years in information security with meaningful program ownership experience

  • Experience at a growth-stage startup company, ideally as a primary security practitioner

  • Experience providing or overseeing IT services

  • Obsessed with client service and meeting internal SLAs

  • Hands-on SOC 2 Type II experience — you've run an audit, not just supported one.

  • Familiarity with leading security and compliance governance tools (i.e. Vanta, Drata, OneTrust).

  • Working knowledge of CCPA and US data privacy requirements

  • Experience reviewing contractual security requirements.

  • Deep interest in and knowledge of leading AI tooling, as applicable to early-stage startups.

  • Proven track record driving security, compliance, and/or technology change within a fast-paced organization.

  • Familiarity with AI security risks and SaaS AI governance

Preferred

  • Experience or familiarity with ISO 27001, NIST 800-53, NERC CIP, OWASP.

  • Comfortable writing Bash scripts for automation and MDM enforcement tasks

  • Strong written communication — you can brief an exec and write audit-ready documentation

  • CISSP, CISM, or equivalent

The total compensation for this opportunity includes a base salary range of $115,000 - $163,000 plus equity (stock options) and benefits. This is our target compensation range and is subject to multiple factors including role, level, experience, skill, and location. As you go through our interview process, our recruiter will work with you to identify a competitive base salary within the proposed range and combine it with an equity package to get you excited about your future at WeaveGrid.

Job details
Workplace
Remote
Location
San Francisco Preferred
Salary
115k - 163k USD
per year
WeaveGrid, Inc. logo
WeaveGrid, Inc.
View company page

WeaveGrid enables utilities to manage load growth reliably and affordably through world-class software, machine learning, and data technology.

Industry
Software Development
Headquarters
San Francisco, California
Founded
2018
Company location
San Francisco, California

Key team members

Brad Davids

Brad Davids

Geoff Garinger

Geoff Garinger

Lisa S.

Lisa S.

Evan Meagher

Evan Meagher

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups