Lead Nue's corporate IT: set strategy, build and mentor the IT team, own identity/access and SaaS governance, manage endpoints (MDM/EDR), drive SOC 2/SOC 1 audit readiness, run corporate incident response, oversee IT operations, automation, vendor governance, and partner with Engineering and a fractional vCISO.
About Nue.io
Nue is the AI-powered revenue architecture platform that unifies CPQ, billing, and revenue lifecycle management into a single system. It enables companies to simplify complex pricing, automate monetization, and gain full control over how they generate and scale revenue. Working with customers such as OpenAI, Chilipiper, Glean, HootSuite, and Mews, Nue helps sales, operations, and finance teams gain revenue acceleration, operational efficiency, and revenue controls at speed and scale.
About the role
We are looking for a Director of IT to own and lead the corporate IT function at Nue. You
will set the strategy and vision for corporate IT architecture, identity, compliance, and
operations, and build the team and systems needed to support a fast-growing,
distributed revenue platform.
You will be the most senior IT leader in the organization, reporting directly to the CFO
and partnering closely with Engineering, Dev Services, Finance, and People. Nue runs
an interim operating model with no dedicated CIO or CISO. You will be the corporate IT
and compliance owner inside that model, working with a named Engineering counterpart
and a fractional vCISO who provides senior security leadership. As Nue scales, this seat
is positioned to grow with the company.
OWNERSHIP MODEL
How this role works with Engineering and the vCISO
Nue splits IT and Engineering responsibility using three lines, applied in order. They
resolve almost every ownership question:
- If a customer touches it, Engineering owns it.
- If an employee uses it, IT owns it.
- If an auditor asks about it, it is a joint program with one named owner.
That gives this role a clear lane. You own the corporate surface; Engineering owns the
production and customer-facing surface; the compliance program is shared with you as
the named coordinating owner.
Two structures keep the corporate and product sides aligned without a CIO or CISO
layer between them:
- Security and Compliance Council. A biweekly, 45-minute standing meeting with
you, the CTO or a named engineering counterpart, and the CFO. Fixed agenda:
SOC 2 and SOC 1 status, open findings, upcoming questionnaires, incidents, vendor
risk approvals, and policy changes.
- Fractional vCISO. Eight to fifteen hours per month of senior security leadership. The
vCISO mentors you, signs off on the control matrix, attends customer due diligence
calls, and acts as Nue's senior security voice during this interim period.
What You'll Do
IT strategy and leadership
- Define and own Nue's corporate IT strategy, roadmap, and budget, translating company growth goals into a scalable IT foundation
- Build, lead, and mentor the IT team, fostering a culture of security-first thinking and operational excellence
- Drive IT maturity across the organization in support of SOC 2 and SOC 1 readiness
- Serve as the primary corporate IT decision-maker and escalation point for the business
IT architecture and infrastructure
- Define and govern standard patterns for user lifecycle, access control, and device posture across the workforce
- Own the design and evolution of corporate IT architecture: endpoints, identity, the SaaS stack, and networking
- Oversee endpoint and asset management, including MDM and EDR policies, patching, disk encryption, and auditable asset inventories
- Ensure reliable, scalable IT operations for a remote-first, globally distributed workforce
Identity, access, and SaaS governance
- Own corporate identity and access management strategy across Google Workspace, Rippling, Salesforce, Slack, Atlassian, and other core platforms
- Define and enforce role-based access control and least-privilege models, including access reviews and entitlement rationalization
- Lead SaaS vendor governance: onboarding, risk reviews, renewals, and rationalization across the stack
- Drive automation of joiner, mover, and leaver processes through HRIS and identity-provider integrations
Security, compliance, and risk
- Own the corporate IT compliance framework and maintain controls and documentation for SOC 2 and SOC 1 audits, working with the vCISO on the control matrix
- Define and oversee endpoint security, corporate identity security, and corporate SaaS hardening standards
- Own vulnerability and patch management for corporate endpoints and SaaS (production and cloud-infrastructure vulnerability management is owned by Engineering)
- Lead corporate incident response for business email compromise, phishing, account compromise, lost or stolen devices, and vendor breaches
- Coordinate customer security questionnaires and partner with Engineering and Dev Services on security assessments and risk remediation; Engineering leads on production and customer-facing controls
- Maintain a proactive stance on emerging risks and close corporate gaps before they become incidents
Operations and automation
- Oversee IT support operations, ensuring a high-quality experience across a remote-first team
- Champion automation and tooling to reduce manual toil and improve operational efficiency
- Own IT capacity planning: licenses, hardware refresh, and platform investments
- Maintain and continuously improve IT documentation, runbooks, and standards
What is not in scope
To keep the ownership model clean, the following sit with Engineering (CTO), not this role. You partner with Engineering on these; you do not own them:
- Product security, application security, and the secure development lifecycle
- Production identity, access, and secrets management
- Cloud infrastructure security and production incident response
- Customer-facing security architecture and the technical answers behind customer security reviews
What you'll bring
- 8+ years in corporate IT, with at least 3 years in a leadership or management role at a high-growth tech company
- Proven experience building and scaling IT functions, teams, and strategy from the ground up
- Deep expertise in identity and SSO, endpoint management, and SaaS governance (Google Workspace, Rippling, IdP providers, SCIM, SAML, OIDC)
- Strong working knowledge of SOC 2 and SOC 1, and comfort owning audit readiness and the auditor relationship
- Experience leading IT through audits, security assessments, and customer risk questionnaires
- A track record of hiring, mentoring, and developing high-performing IT teams
- Excellent communication skills, able to translate complex technical decisions into clear recommendations for executive and non-technical stakeholders
- Experience supporting a distributed, remote-first workforce with async-friendly processes and documentation
- Comfort operating inside a defined IT/Engineering split and partnering with a fractional vCISO rather than owning product security directly
The base pay range for this role is $155,000 – $165,000 per year.
What We Offer:
- Competitive compensation and benefits that reward your talent and impact.
- Comprehensive health, vision, dental, and life insurance
- A front-row seat in the Silicon Valley tech ecosystem, where you’ll work on cutting-edge challenges shaping the future of SaaS, finance, and payments.
- The opportunity to build truly groundbreaking products — your work won’t just support the business; it will influence how companies around the world monetize and grow.
- A high-energy, collaborative culture where smart, supportive teammates push each other to learn fast, think boldly, and do the best work of their careers.
- Room to grow, lead, and make your mark in a fast-scaling company that values creativity, ownership, and ambition.
Nue.IO is an equal opportunity employer and welcomes people of diverse backgrounds, perspectives, and skills.
We will work with applicants to provide accommodations at any stage of the hiring process.
If you require accommodations during the interview process, please email your Talent Partner, and we will work with you to meet your needs.
