Job Description
About Cassidy
Cassidy is a Series A AI automation platform serving enterprise customers. We help companies deploy AI Agents, workflows, and knowledge bases across their organizations. We're ~25 people, growing fast, based in NYC (in-office 5 days/week), and backed by HOF Capital, The General Partnership, and others.
The Role
You'll be the first person at Cassidy dedicated to IT, security, and compliance.
What You'll Do
- Devices & IT Operations: Endpoint management, MDM, onboarding/offboarding, SaaS access controls, internal IT support, office network
- Security & Compliance: Own SOC 2, HIPAA, and GDPR compliance programs. Manage compliance tooling (Vanta), run access reviews, drive security improvement projects, assess vendor security
- Customer-Facing Security: Join customer security calls, own security questionnaires end-to-end, support enterprise deal cycles by ensuring security reviews don't block deals
- Projects: Build security processes that scale from 25 to 100+ people. Evaluate and implement new tools as we grow. Manage relationships with external partners, including compliance and IT vendors.
Qualifications
- 2-5 years of experience in IT operations, security, or compliance at a startup or small company
- Experience managing macOS devices in a professional environment
- Hands-on experience administering SaaS tools and access controls
- Familiarity with compliance frameworks (SOC 2, HIPAA, GDPR) at a practical level
- Comfortable on customer calls explaining technical security concepts to non-technical audiences
- Experience with compliance tooling (Vanta, Drata, or similar)
- Organized, detail-oriented, and comfortable owning operational responsibility
- Self-directed with strong communication skills
Nice to Have
- Experience completing security questionnaires for enterprise customers
- Familiarity with Okta, Azure/AWS IAM, and cloud security
- Experience working with managed IT providers
- Security-related software engineering experience