Lead Information Security Engineer

About Omni

Omni gives businesses one place to easily analyze all their data. Built by the teams behind Looker and Stitch, Omni combines data models, a point-and-click UI, spreadsheet formulas, and powerful visualizations so every team can answer questions fast and accurately. Omni is trusted by companies across industries and regions because it’s the only analytics solution that unifies every team across your business in a single platform. 

Headquartered in San Francisco, CA, Omni has $97 million in funding from top investors — including ICONIQ Growth, First Round, Redpoint, and Google Ventures.

About you and the role

You will be the first full-time security and IT hire, partnering with the CTO to maintain the security of our internal and customer-facing systems while we continue to build and grow quickly.

What you will do:

• Build and implement our policies – ensure the confidentiality, integrity, and availability of our information systems and compliance with standards like GDPR, CCPA, HIPAA, and SOC 2
• Build trust with our customers - maintain security documentation for our customers and prospects and answer their questions about our security posture
• Lead incident response - monitor security systems to detect and respond to security incidents, implement incident response plan with periodic testing
• Own day-to-day IT operations and security for our SaaS stack – automate onboarding/off-boarding, role-based access, secure configuration, and license management using Rippling and Google Workspace as identity sources
• Serve as first-line IT support for a Mac fleet – manage MDM policies, EDR, hardware procurement, and a lightweight help-desk queue
• Drive vendor governance for all applications – evaluate new software, track usage vs. seat count, and ensure every vendor meets Omni’s security standards before purchase

Qualifications:

• Minimum of 5 years of experience in information security engineering and/or IT operations
• Hands-on admin experience with productivity platforms like Google Workspace or Office365 and identity platforms like Okta, Active Directory, Google Workspace, or Rippling.
• Knowledge of security and compliance frameworks such as NIST, ISO 27001, and GDPR.
• Strong knowledge of security principles, technologies, and best practices, particularly for modern cloud and SaaS infrastructures.
• A builder mindset, comfortable in 0→1 environments and passionate about automation and data