Staff Information Security Specialist

Senior Staff Information Security Specialist to join Carrum’s Cybersecurity & IT team. Lead security initiatives, architect IAM with Least Privilege, drive AppSec/DevSecOps, automate compliance (HITRUST, SOC 2, HIPAA) with automation platforms (Vanta preferred), and collaborate with engineering to reduce manual provisioning. Roles include incident leadership, security operations, threat hunting, vendor assessments, and governance of security tools and policies. Requires hands-on experience across cloud (AWS/Azure/Google Workspace), code reviews, security questionnaires, risk management, and effective communication with non-technical stakeholders. Strong preference for a builder mindset, autonomous FTE work, and expertise in IAM, security automation, and security tooling. 8+ years of senior-level experience and a track record of delivering security programs in fast-paced environments are required.