Ironclad is the #1 contract lifecycle management platform for innovative companies. Every company, in every country, in every industry runs on contracts, but managing these contracts slows companies down and costs them millions of dollars. L’Oréal, Staples, Mastercard, and other leading innovators use Ironclad to collaborate and negotiate on contracts, accelerate contracting while maintaining compliance, and turn contracts into critical carriers of operational business intelligence. It’s the only platform flexible enough to handle every type of contract workflow, whether a sales agreement, an HR agreement or a complex NDA.

Ironclad is writing the narrative that shows how beautiful and functional contracting will change business. We’re a leader in the Forrester Wave for Contract Lifecycle Management. We have been recognized as a Fortune Great Place to Work for four consecutive years. Our innovation and work culture have been recognized by Glassdoor's Best Places to Work 2023, Forbes’ 50 Most Promising AI Companies, Wing Venture Capital's Enterprise Tech 30, and Gartner's Magic Quadrant. We work in a highly collaborative environment, and strive to foster a positive, inclusive culture. We’re backed by leading investors like Accel, Y Combinator, Sequoia, and BOND. For more information, visit www.ironcladapp.com or follow us on LinkedIn and Twitter.

Security at Ironclad

This role is a blue team operator for both corporate and product security.

Security Operations

• Monitor and investigate alerts in CrowdStrike Falcon, escalating incidents as needed.

• Respond to endpoint detections, phishing attempts, and insider threats across endpoints managed via Jamf.

• Maintain and improve detection rules, dashboards, and response workflows.

• Administer and tune Wiz for cloud workload protection and misconfiguration detection in Google Cloud Platform (GCP).

• Collaborate with IT on Google Workspace security controls and sensitive analysis.

DevSecOps

• Integrate security scanning and policy checks into CI/CD pipelines, such as CircleCI. Includes container scanning, SAST, and DAST.

• Work with engineering to remediate vulnerabilities, harden Docker images, and reduce supply chain risk.

• Contribute to secure coding guidance and enforcement of security controls during CI/CD workflows.

Governance and Compliance Support (limited)

• Assist with evidence collection and controls validation for audits (e.g., SOC 2, ISO 27001).

• Document procedures and help drive continuous improvement in incident response and vulnerability management processes.

Qualification preferences

• Experience supporting a B2B SaaS product in a regulated environment, inclusive of GDPR, HIPAA, SOC, ISO 27001, and NIST SP 800-53.

• Familiarity with MITRE ATT&CK, threat hunting techniques, and adversary simulation.

• Experience with compliance tooling, vulnerability management platforms, or Google security APIs.

Benefits:

• Health, dental, and vision insurance

• 401k

• Wellness reimbursement

• Take what you need vacation policy

• Generous parental leave for both primary and secondary caregivers

Base Salary Range: $170,000 - $190,000

The base salary range represents the minimum and maximum of the salary range for this position based at our San Francisco headquarters. The actual base salary offered for this position will depend on numerous factors, including individual proficiency, anticipated performance, and the location of the selected candidate. Our base salary is just one component of Ironclad’s competitive total rewards package, which also includes equity awards (a new hire grant, along with opportunities for additional awards throughout your tenure), competitive health and wellness benefits, and a commitment to career growth and development.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.