We're on the hunt for a hands-on, sharp-thinking Security & Compliance Lead to level up the physical and operational security of our data center. If you thrive in fast-moving environments, love solving complex problems, and know how to turn policy into action you'll fit right in.
In this role, you'll be the go-to expert on everything from physical access controls and compliance standards to threat detection and incident response. You'll work closely with IT, facilities, and leadership teams to build smart strategies, lead investigations, and keep our data center rock-solid.
Think of yourself as part detective, part strategist, part guard dog; helping us stay ahead of threats with layered defenses, real-time monitoring, and a strong culture of security awareness. Whether you're jumping into a live incident or preparing for the next big audit, you'll have the autonomy to make smart calls and the trust to follow through.
Wage:
$110k-$120k DOE
Benefits:
- 100% employer-paid medical, dental and vision for employees
- Annual review with raise option
- 22 days Paid Time Off accrued annually, and 4 holidays
- After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company-not accrued, not capped, take time off when you want
- The 4 holidays are: New Year's Day, Fourth of July, Thanksgiving, and Christmas Day
- Paid Parental Leave
- Up to 6% company matching 401(k) with no vesting period
- Quarterly allowance
- Use to make your remote work set up more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
- Open concept office with friendly coworkers
- Creative environment where you can make a difference
- No dumb benefits like free dog walking on the weekends that snobby hipster places have to make you feel cool, but mathematically won't cost the company much money because you won't use it
- Trail Mix Bar --- oh yeah
Responsibilities:
- Develop and maintain security policies, standards, and baseline configurations for the data center.
- Enhance layered physical security systems, including CCTV, badge readers, biometrics, and intrusion alarms.
- Manage 24/7 access controls, including visitor management, staff clearances, badge systems, and vendor accreditation.
- Lead risk assessments (e.g., FMEA, threat modeling), identify vulnerabilities, and recommend remediation.
- Ensure compliance with standards like SOC 2, ISO 27001, and PCI DSS; coordinate audits and maintain audit-ready documentation.
- Serve as Incident Commander or key responder for physical breaches, alarms, or policy violations; lead investigations and reporting.
- Maintain and improve incident response playbooks; train staff on protocols and best practices.
- Deploy and manage security monitoring tools (e.g., SIEM, physical access logs) and define KPIs for access attempts and compliance health.
- Deliver regular security reports to leadership and key stakeholders.
- Run training and awareness programs for staff and contractors on physical security and compliance.
- Oversee vendor and third-party compliance through assessments, audits, and contractual reviews.
- Continuously improve security posture by applying industry best practices and staying current on emerging threats and technologies.
Requirements:
- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience in security and compliance.
- 5+ years in security, compliance, or audit roles within IT infrastructure or data centers.
- Demonstrable experience managing SOC 2, ISO 27001, PCI DSS, HIPAA, or GDPR compliance.
- Hands-on familiarity with physical security systems like CCTV, badge control, biometric access, and alarms.
- Deep knowledge of SIEM systems, incident response frameworks, and risk assessment methodologies.
- Comfortable with networking/physical infrastructure concepts: VLANs, firewalls, environmental sensors, racks.
- A great human
- Strong leadership and interpersonal skills
- A person who gets things done themselves with or without a team
Top Skills
What the Team is Saying
What We Do
Corporate Tools is proudly, stubbornly independent. No outside investors calling the shots. It’s just us choosing customers over profits, every time. We build the behind-the-scenes tools that keep businesses running: software, LLC filings, registered agent service, website and domain registration, address services… basically all the unglamorous stuff that makes companies actually work. We’ve grown into one of the largest B2B providers in the U.S. by sticking to a simple mission: solve the real, messy, confusing problems of starting and running a business, while keeping your privacy intact and making your life a whole lot easier.
Why Work With Us
We’re privately held, debt free, and focused on people. Not investors. That means we can keep hiring folks we like, building tools that actually work, and making sure our customers are taken care of. If you want to know more about what values drive us, check out our Company Principles.
Gallery
Corporate Tools LLC Teams
Corporate Tools LLC Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
As a hybrid employer we have full-time remote employees and employees that live near our offices who have the option to work in-office or from home. There are just a few, select roles that specify and require some in-office time.
