IT Security & Compliance Lead

Welcome to Agerpoint
Agerpoint is reshaping how agriculture and nature field data is captured, analyzed and managed. Building upon a decade of innovation and a deep IP portfolio, Agerpoint today brings technology to customers across agriculture, restoration and conservation using smartphones and tablets to affordably acquire ground truth data and uses automated analytics to extract plant measurements and insights. Combined with other 3rd party data, this digital twin platform for crops and forests equips public and private sector organizations with unprecedented transparency across the food supply chain and protected natural environments.
The Agerpoint Capture mobile application allows users to capture 3D models of crops and trees via a smartphone or tablet, upload models to the cloud to assess health, yield, species, biomass, and more. Customers can then derive insights from these models with Agerpoint Cloud, a spatial data platform that leverages machine learning for detailed plant-level insights.
Agerpoint was selected as a 2022 Technology Pioneer company by the World Economic Forum, recognized as one of the world’s most promising start-ups that are at the forefront of technological and business model innovation. Agerpoint’s Know Your Carbon™ offering was selected as winner of the Carbon Market Challenge as announced at the United Nations COP26 Climate Summit.
The company is headquartered in Research Triangle Park, North Carolina at the Alexandria Center for AgTech - the country's first and only integrated multi-tenant, collaborative and amenity-rich R&D and greenhouse site.

Job Responsibilities

• SOC2 Compliance:
• Lead the SOC2 audit process, from preparation to certification, ensuring all controls, documentation, and procedures are aligned with SOC2 requirements.
• Implement and continuously improve security controls and processes to maintain SOC2 compliance.
• Collaborate with auditors and external partners to address compliance requirements and close any identified gaps.
• Experience with compliance automation tools like Drata, Vanta, etc
• Security Management:
• Develop and oversee the company’s information security program, including the establishment of security policies, procedures, and protocols.
• Perform risk assessments and vulnerability testing to identify and mitigate security risks.
• Oversee incident response planning and lead investigations of security breaches, providing recommendations for future improvements.
• Ensure security measures are integrated into new products, platforms, and services.
• Collaboration & Leadership:
• Work closely with cross-functional teams, to ensure compliance with security policies and regulations.
• Serve as the main point of contact for security-related matters, advising the executive team on security risks, incidents, and mitigation strategies.
• Build and foster a culture of security awareness across the organization through training and communication.
• Experience working with a startup environment to implement compliance and security standards as a team of one.
• Continuous Improvement:
• Monitor security trends, regulatory changes, and emerging technologies to ensure the company’s security posture remains robust and forward-looking.
• Lead continuous improvements to ensure security frameworks align with industry standards (ISO, NIST, etc.).
• Document and maintain security incident records and remediation processes.

Qualifications

• Bachelor’s or Two-year technical degree in Information Security, Cybersecurity, Computer Science, or a related field.
• 5+ years of experience in security management, with a proven track record of handling SOC2 audits and compliance.
• Deep understanding of security frameworks, including SOC2, ISO 27001, NIST, and GDPR.
• Strong experience with risk assessment, vulnerability management, and incident response.
• Familiarity with Azure cloud infrastructure and secure development practices.
• Experience with security tools such as SIEM, IDS/IPS, and endpoint protection platforms.
• Strong project management skills with the ability to handle multiple projects and timelines.
• Excellent communication skills, with the ability to translate technical concepts into business language for non-technical stakeholders.
• Relevant certifications (e.g., CISSP, CISM, CISA) are a plus.

Agerpoint is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Agerpoint is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at recruiting@agerpoint.com.
Note to Recruiters: 
Agerpoint does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Agreement, Agerpoint will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed Agreement, Agerpoint explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted directly to hiring managers, are deemed to be the property of Agerpoint.