Failed to generate summary.
Work as a close partner to the Head of IT on global IT operations, projects, and security programs - taking ownership of assigned workstreams and keeping them moving.
Step in to cover when needed - attending meetings, making day-to-day operational decisions, and ensuring global programs stay on track during absences.
Act as the senior technical escalation point for IT Globally, responding with both depth and empathy to complex issues and requests.
Translate strategic direction from the Head of IT into practical local execution across the team.
**
Operationalize the ISO/IEC 27001:2022 ISMS alongside the Head of IT: maintain the Master Document List, support internal audit cycles, coordinate management reviews, and drive corrective action and continual improvement processes.
Contribute to the rollout and ongoing operation of the ISO/IEC 42001 AI Management System (AIMS) - including scope definition, risk assessment for AI systems, policy drafting, and evidence management as Apply Digital expands its use of AI.
Maintain and improve Apply Digital's AI Policy and related governance documents in line with ISO 42001 requirements.
Assist with SOC 2 Type 2 evidence collection and control testing; administer the Vanta platform, remediate findings, and ensure continuous monitoring SLA targets are consistently met.
Serve as the IT contact for external auditors (ISO 27001, SOC 2) and coordinate evidence submission across teams.
Monitor the threat and vulnerability landscape; assess risk, update the risk register, and escalate material issues through the ISMS risk treatment process.
Manage and respond to security events in coordination with the Incident Response Plan.
Manage third-party supplier security reviews in accordance with the Third-Party Management Policy.
**
Manage user account and application access in cloud identity and productivity platforms: Okta, Google Workspace, Slack, Atlassian Cloud, AWS, GCP, Azure, and others.
Continuously improve the identity platform (Okta LCM) and MDM environment (Jamf Pro), ensuring devices, access, and configurations remain secure and compliant.
Oversee IT operations across the full employee lifecycle: onboarding, offboarding, access reviews, and role changes.
Work with AI tooling to maintain security compliance, automate routine tasks, and reduce manual toil.
Manage LATAM hardware procurement, setup, deployment, and asset inventory.
Manage software license and subscription allocations.
**
Design, scope, implement, and continuously improve internal IT policies, procedures, and the tool stack.
Produce and maintain clear documentation for both the IT team and end-users, covering orientation guides, runbooks, and security awareness content.
Propose and evaluate new vendors and technologies; manage pilots and integrations in collaboration with the Head of IT.
Minimum 5 years of experience within a technology company in a senior IT role, operating with a high degree of independence.
Comfortable supporting and informally guiding junior IT colleagues without a formal management mandate - sharing knowledge, reviewing work, and helping the team level up.
Direct, hands-on experience running or significantly contributing to an ISO 27001 ISMS - including internal audits, risk assessments, document control, and management reviews.
Familiarity with ISO/IEC 42001 AI Management Systems, or demonstrated ability to rapidly master a new management-system standard and operationalize it.
Experience administering a compliance automation platform (Vanta strongly preferred; Drata or similar acceptable).
Experience with SOC 2 Type 2 evidence collection and audit preparation.
**
Strong hands-on experience with Okta, including Lifecycle Management (LCM), Universal Directory, and SSO/MFA configuration.
Proficient in MDM administration for macOS fleet management, including policies, profiles, smart groups, and patch management.
Confident macOS troubleshooting at the system and network level.
Proficiency with cloud identity and productivity suites: Google Workspace, Slack, Atlassian Cloud, and at least one of AWS / GCP / Azure at an IAM/security level.
Comfortable using AI-powered tools and automation to improve security compliance, reduce toil, and augment IT operations.
Knowledge of secure software development practices is an asset.
**
Excellent interpersonal and communication skills - able to adapt your approach for end-users, cross-functional stakeholders, and leadership alike.
Customer-service oriented: you are the person people trust to make things work and to feel supported.
Proficiency in both verbal and written English is essential, given coworkers and offices in Vancouver, Toronto, London, and Noida.
Strong judgment and the ability to manage competing priorities independently, knowing when to act and when to escalate to the Head of IT.
Self-starter who thrives in a lean, fast-moving environment without needing detailed direction.
Resilient and positive - energized by ambiguity and committed to continuous improvement.
ISO 27001 Implementation or evidence collection experience.
ISO 42001 Experience with implementation AIMS (AI Management System)
CISSP, CISM, CompTIA Security+, or equivalent security certification.
Experience with NIST AI Risk Management Framework (AI RMF) or EU AI Act compliance.
Scripting or automation skills (Bash, Python, or similar) for IT/security workflow automation.