About
Edison Scientific builds and commercializes AI agents for science. Scientific discovery moves too slowly, and autonomous AI agents are how we intend to fix that. We're assembling a team of top researchers and engineers across AI and biology to build an AI scientist.
Role
As our IT, DevOps & Compliance Lead at Edison Scientific, you own the systems and processes that keep Edison secure, compliant, and operationally excellent as we scale. You will inherit an in-progress SOC 2 program and a maturing engineering stack, and you will be the person who makes sure that as we grow, our security posture, developer velocity, and employee experience all improve in parallel.
This role is on-site at our San Francisco office in the Dogpatch neighborhood. Our office is a converted warehouse with high ceilings, open space, and a team excited about what we are building.
Responsibilities
Drive Edison's SOC 2 program, owning the auditor relationship, our compliance automation platform, and the internal evidence-collection workflow, with a focus on embedding security practices and change logging into day-to-day workflows so that compliance is continuous rather than a point-in-time effort
Partner with engineering to harden production infrastructure: identity and access management, secrets management, logging and monitoring, vulnerability scanning, and incident response
Establish and enforce ITGCs, including role-based access controls, change management workflows, backup and recovery procedures, and system monitoring, to ensure a secure and auditable IT environment
Run the IT systems and networks the rest of the company touches every day, including SSO and identity, device management, SaaS administration, onboarding/offboarding workflows, and helpdesk
Lead vendor security reviews and customer security questionnaire responses, working closely with our sales and BD teams to unblock enterprise deals
Decide what we run in-house vs. with managed services and external firms, and build the playbooks and tooling that let this function support 3x our current headcount without proportional team growth
Collaborate with engineering, operations, and leadership to keep Edison's security and compliance posture ahead of where our customers expect us to be
Support the buildout of Edison's second SF office and any future satellite offices, owning the IT and infrastructure setup from network and device management through to a fully operational team environment
Own software license strategy across the organization, including consolidating redundant tools, reclaiming unused licenses, enforcing access controls, and leading vendor contract negotiations to reduce annual software spend
Build and maintain a scalable IT asset management system covering hardware procurement and setup, inventory tracking, and software license management
Qualifications
5+ years of experience across some combination of IT, DevOps/SRE, and security/compliance, with at least one role where you owned a SOC 2 program end-to-end
Hands-on technical depth: writing and maintaining Terraform, writing Python automation, configuring Okta SAML integrations, and debugging cloud infrastructure without escalating
Direct experience with at least one compliance automation platform (Vanta, Drata, Secureframe, or similar) and at least one major cloud provider (AWS or GCP)
Strong written communication, because you will author policies, respond to security questionnaires, and document processes that people will actually follow
Comfort operating in ambiguity at a fast-growing startup, defining what "good" looks like rather than implementing someone else's vision
Systems thinker who looks for opportunities to build infrastructure and automation that make life easier for the whole company, not just IT
Bias toward automation and self-service over ticket queues and gatekeeping
Experience managing hardware lifecycle and software licensing at a growing company
Bonus points for
Experience scaling a function from one person to a small team
Background working with customers in regulated industries (life sciences, healthcare, defense)
Familiarity with ISO 27001, HIPAA, or FedRAMP
Prior experience at a Series A–B startup that successfully passed a SOC 2 audit
Salary
$190,000 - $250,000 • Offers equity
Why join us?
Competitive salary and equity
Full healthcare coverage — we pay 100% of premiums for you and your dependents
Support for growing families, including a yearly new parent stipend and fertility coverage through Carrot
401(k) company matching
$300 health and wellness benefit
Lunch is on us every day you're in the office, and dinner is on us when you're working late
Regular team offsites and company events
A fast-moving, mission-driven culture where smart people do their best work and actually enjoy doing it