Senior Security & It Specialist

Easy Agile is an Australian founded bootstrapped start-up. We have four products built on top of Atlassian's flagship product Jira, sold via the Atlassian Marketplace. Profitable from year 1, we are on a truly unique journey with an emphasis on work/family/community/self balance, while growing a high-performing team. Due to our extremely fortunate position, we are driven by giving back to our community and our people - enabling our people to live the lives they only dreamed of.

Our HQ is in Wollongong and we have an office in Sydney, but you can find us scattered along the coast anywhere from Brighton to Tweed Heads.  We offer flexible working, so you can be based anywhere in Australia! We optimise for collaboration and connection face to face as a team each quarter.

We believe that being agile is a mindset, and that true agility unlocks a team's potential to be happier at work, have more impact in the solutions they're building, and be more focused on their customer's success! That's why our purpose is to help organisations realise the benefits of being agile. We're proud to call over 1,900 companies our customers, including Netflix, Harvard, Amazon, Lego, Mercedes and Twitter.

This is a new role, reporting to the Head of Engineering. We're searching for an emerging leader who can craft a new discipline within our company, supporting the team and our customers now while setting us up for the next decade.

We have a growing team that is predominately remote. In 2023, we brought on a few contractors prompting us to consider levels of access to data within the company to maintain our security posture.

We are also on a journey where our global Mid-Market and Enterprise customer base is shifting from on-premise to SaaS. This journey has required us to elevate our security, reliability, availability and privacy efforts. To hold the company accountable to the demands of our Cloud customers we are on a pathway to attain a SOC II Type 2 certification, and from there ISO 27001. We are introducing new processes and ways of working.

 

This is a more complicated environment than we've operated before, and it will require working with all levels of the company to achieve our security objectives. You will take the company on the journey, help us embed and improve our practices, and ensure security is a smooth and seamless part of our operations.

Come and help us continue to craft a best-in-class company that ensures the security of our customer data, products that delight our customers, a people-first approach, and profitability at its core.

To understand this role, let's fast-forward to your 2 year anniversary at Easy Agile to see what you have achieved:

• When surveyed our customers have a high degree of trust in our Cloud offerings, and the company can proudly say we are on the front foot and proactive when it comes to improving our security posture.
• You'll have ensured we maintain our SOC 2 Type 2 compliance and added ISO 27001 to our list of certifications. Not only that, you'll have systematised and operationalised the annual compliance requirements for our certifications.
• You've become a voice for our customers around security and have maintained our Trust Center and Trust Report (we use Vanta) to demonstrate compliance to our customers. You have completed security questionnaires from existing and potential customers, ensuring they have the confidence to move forward with our solutions from a security standpoint. These improvements have led to a demonstrable reduction in the evaluation to purchase cycle time for our security-conscious prospects.
• You lead the annual certification requirements and continuous improvement of our security program: maintaining our policies and procedures documentation; conducting access reviews for new vendors/suppliers and up-levelling existing vendors/suppliers; running risk/ROI scenarios with the Leadership Team; compliance discussions with our external auditors, and what is required of team members, when and why.
• You have become the go-to person accountable for driving the continual improvement of our security and IT posture. You'll have kicked off and run ongoing education programs for our team around the principles of security and privacy by design. And you'll make sure the company prioritises investments in our infrastructure and is proactive in securing our customer's data and our company's future.
• You'll provide a great operating environment for our team members: providing application support for Atlassian, Google, Hubspot and other SaaS platforms; maintaining our IdP solution (Okta), including user and group management, workflows, automation and SCIM/SSO integrations; improved hardware asset tracking and inventory management via MDM (we use Kandji) plus rolling out an asset reuse program (i.e. selling old cleaned laptops back to the community); and provided top-notch IT support to our team members including MacOS, networking and other needs.

About you:

• You've been engaged in security compliance programs such as CAIQ / SOC II / ISO 27001.
• You've worked with, implemented and maintained an IdP, Google Suite, and an MDM.
• You are a people-first, empathetic person who gets genuinely excited about enabling other team members to achieve their best work by finding solutions to help them punch above their weight.
• You know how to troubleshoot and fix common desktop and network issues.
• You love building relationships and collaborating across functions and all levels.
• You have commercial experience, being able to demonstrate the risk/ROI payback for security investments.
• You have experience with lean principles and agile environments (do you know John from The Phoenix Project?)
• You are a curious person who seeks to learn and explore new techniques and practices that can enable the company to scale effectively.

- Unique and generous Employee Share Option Plan (ESOP).

- Flexible working options (because we value outcomes over output).

- Four paid volunteer days a year to dedicate to your favourite cause.

- An annual learning allowance of $5,000 to help you up-level your skills.

- Quarterly experimentation hackathon weeks to explore new ideas.

- 2% in additional superannuation contributions per annum.

- Company-funded parental leave (20 weeks full pay for the primary caregiver and 6 weeks for the secondary caregiver).

- Summer sessions where you get half days off on Fridays to enjoy the amazing weather as you please.

- $2000 to put towards your home-office fit out (if you choose to work from home).

- Quarterly team off-sites to invest in collaboration and connection.

- Opportunities to travel overseas to conferences to learn more about our customers and agile.

If you are excited about this role but not sure if you meet all of the criteria, please apply. Research shows women and minority groups are less likely to apply for roles where they don't meet 100% of the criteria. We value punching above our weight and people over perfection, so go ahead and apply - we'd love to hear from you.