Key skills
AWSCloudGoogle Cloud PlatformJamfAIGCPGoogle CloudBambooIAMOktaCommunicationCollaboration
About this role
Role Overview
- Work with engineering teams, the Legal team, and the Compliance team across Bamboo on project definition, technical specification, and monitoring as we scale Bamboo’s internal systems and products.
- Architect, implement, and audit Identity and Access Management (IAM), endpoint management (MDM), and zero-trust architectures to protect the company’s data and customer assets.
- Drive proactive monitoring, capacity planning, and system integrity management to ensure a 99.9% system uptime across all core services, ensuring our technical compliance and access controls never break because of scale.
- Stay continuously up to date with industry trends, global reports on operational breaches, and emerging attack vectors, thoroughly analyzing these trends to architect preemptive mitigation and system-hardening strategies.
- Lead incident response efforts for internal anomalies or technical compliance breaches, executing rigorous root-cause analysis and post-mortems to continuously harden our infrastructure.
- Maintain and oversee compliance-driven tooling (such as SIEM platforms, network traffic analyzers, and access gateways), ensuring all internal configurations meet SOC 2, ISO 27001, and local data protection standards.
- Actively mentor junior and mid-level IT engineers through knowledge sharing, policy creation, and thorough process reviews, increasing the team's capabilities without taking on formal managerial tracking.
- Carry out proactive system hygiene activities (such as routine credential rotations, vulnerability scanning, and phishing simulations) to reduce technical debt and minimize external attack surfaces.
- Safely leverage AI tools within your daily compliance auditing and log-monitoring workflows to model faster anomaly detection practices for the broader IT team, ensuring all AI-assisted operations adhere strictly to Bamboo's data sovereignty and privacy standards.
- Ensure all technical operations meet regulatory requirements (GDPR, HIPAA, FinTech regulations).
- Conduct regular risk assessments and manage the Business Continuity and Disaster Recovery (BCDR) plans.
- Develop and enforce company-wide IT policies, including Access Control and Data Privacy standards.
- Oversee lifecycle management, inventory governance, and secure provisioning of IT assets while providing troubleshooting and remediation across endpoints, systems, and compliance tools.
Requirements
- 4+ years of experience in IT operations, technical compliance, systems engineering, or network administration in the fintech industry or on a scaling consumer product.
- Demonstrated mastery of corporate infrastructure tools, Identity Providers (e.g., Google Workspace, Okta), and endpoint management solutions (e.g., Jamf, Intune).
- Deep understanding of technical compliance frameworks (e.g., SOC 2, ISO 27001) and how to translate legal/regulatory requirements into strict infrastructure configurations.
- Proven experience with network integrity tools, anomaly detection, secure cloud environments (e.g., AWS, GCP), and executing technical risk assessments.
- Excellent communication and collaboration skills to partner closely with other stakeholders.
- A passion for clean, auditable systems and a relentless drive to optimize internal security posture without blocking engineering velocity.
Tech Stack
- AWS
- Cloud
- Google Cloud Platform
- Jamf
Benefits
- Professional development opportunities