Why Ivo?
Every civilization runs on the same infrastructure: agreements between people who don't fully trust each other. Sumerians pressed them into clay. Romans carved them into stone. We bury them in 80-page PDFs.
The way those agreements are reviewed hasn't changed in four thousand years - a human reads the whole thing and tries not to miss anything. We're building the AI that finally changes that. Ivo is the contract intelligence platform of choice for companies like Uber, Meta, Canva, IBM, and Shopify. We recently raised our Series B and have grown 800% over the last 12 months.
The Role:
We're hiring a Senior Security Engineer to own how Ivo detects, responds to, and defends against threats across our infrastructure, identity, network, and endpoints. You'll partner directly with our Head of IT & Security and work alongside engineering and IT to keep the systems behind our product safe. This is a hands-on senior IC role with broad scope: detection engineering, incident response, cloud and identity security operations, perimeter and network hardening, vulnerability management, and security automation.
Where our Application Security Engineer owns the product itself, you own everything around it: the systems, the signals, and the response. Our platform handles legally privileged documents for some of the largest companies in the world. The security stakes are real, and so is the impact.
Responsibilities
• Own detection and response across Ivo's cloud, identity, and endpoint estate.
Build and tune detections in our SIEM (Panther). Turn noisy telemetry into high-signal alerts engineers and IT actually act on, with a strong bias toward signal over noise.
Lead incident response for infrastructure, identity, and corporate-layer security events. Run investigations end to end, drive containment and recovery, and write the post-incident review.
Own cloud security posture across GCP and Azure. Find misconfigurations, prioritize real risk, and partner with engineering to close it.
Own perimeter and network security. Manage Cloudflare WAF rules, DNS security, and edge controls, and harden our network and infrastructure config against real-world attack patterns.
Run vulnerability management for our infrastructure and assets. Triage, prioritize, and drive remediation to closure rather than just forwarding scanner output.
Operate and harden identity and access (Okta, SSO, SAML, SCIM, MFA, RBAC). Own provisioning and deprovisioning hygiene, access reviews, and least-privilege enforcement.
Manage endpoint and device security (Kandji for MDM) and email security (Material). Keep the fleet hardened and monitored.
Build security automation that removes toil. Script away repetitive work, wire up SOAR-style response, and make the secure path the easy path.
Run proactive threat hunting across logs and telemetry, and develop detection coverage against the threats that actually target a company like ours.
Produce and maintain operational evidence for SOC 2 Type II, ISO 27001, and ISO 42001, and support our compliance and enterprise security review programs.
Contribute security operations input to enterprise security reviews and customer-facing trust documentation.
Partner with engineering and IT rather than blocking them. You ship paved roads, not tickets.
Who You Are:
5+ years in security operations, detection and response, or infrastructure and cloud security at a SaaS company, including time owning detection or IR for a production environment.
Hands-on detection engineering. You write and tune detections, build pipelines, and work in a SIEM directly. You don't just watch dashboards.
Strong cloud security background in GCP and/or Azure: identity, network, workload, and posture management.
Hands-on with perimeter and network security: WAF/CDN (Cloudflare or similar), DNS security, and edge controls.
Deep identity and access experience: Okta or similar IdP, SSO, SAML, SCIM, MFA, and RBAC in practice.
Real incident response experience. You've led investigations end to end, from first alert to post-incident review.
Comfortable scripting and automating (Python or similar). You can read code and build your own tooling, not just buy it.
Track record of running vulnerability management as a program, not a queue.
Excellent written communication. You can write a runbook engineers follow, a detection writeup that's genuinely useful, and a post-incident review leadership trusts.
A strong internal sense of urgency and a bias toward shipping and automating today rather than tomorrow.
Nice to have:
Detection-as-code experience (Panther, Sigma, or similar) and treating detections like software.
Experience securing AI / LLM infrastructure and the operational risks around agents and model access.
Series B or earlier experience where you built or scaled a security operations function from limited scaffolding.
GCIH, GCIA, GCFA, OSCP, or comparable hands-on credentials.
Experience with SOAR or security automation platforms.
Background supporting enterprise customers in regulated industries.
Why This Role Matters:
Ivo's customers entrust us with their most sensitive contracts. As we move further upmarket and into more regulated industries, our ability to detect and respond to threats fast is becoming a direct driver of enterprise revenue and a key part of the trust we earn at the deal table. This role owns the operational security of the company itself. The person who fills it will define what good detection and response looks like at Ivo for years to come.
FAQ
How far along are we? We launched in early access in 2023. Since then, we’ve had an incredible response from the market and are growing rapidly. We 6x'd in ARR in the last 12 months. Our clients include companies like Uber, Reddit, IBM, Canva, Pinterest, WordPress, and more. We're happy to share more details with candidates who go through our interview process.
Can I work remotely? We have an in-office culture, with some hybrid flexibility.
Compensation: The USD salary range for this role is $249K - $405K. Final offer amounts are determined by multiple factors, including, experience and expertise, and may vary from the amounts listed above.
IVO Inc. specializes in creating professional and affordable custom made web solutions and websites that enable businesses to establish visibility online, increase sales and improve productivity. Using our own Content Management System (CMS) interface, we are able to deliver dynamic and responsive websites with user-friendly features and are able to help non-tech users make changes in a matter of seconds with our effective platform. We specialize in crafting solutions for website development & design, e-commerce solutions, internet marketing, strategy and consulting, social media management, branding, content writing and more. IVO, Inc. grew from three basic principles: a commitment of leveraging technology to improve business efficiency, finding innovative solutions for each project, and putting clients’ needs first. In 2005, IVO was created to allow employers to be in control of their website and office needs. It was developed to create the ability for a user to manage his/her website remotely regardless of location, thus the name Interactive Virtual Office (IVO) was born. Since then, we have developed dozens of custom designed software solutions for various projects both locally and internationally. Innovation has always been at the forefront of our vision. Every new client had a different need, allowing us to innovate and build bigger and better solutions, pushing the boundaries of our capabilities. The goal – make our clients happy and help them succeed.
Key team members

Joseph Abboud
Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.