IT & Compliance Manager

CompanyAt Arrive AI (Nasdaq: ARAI), we're not just building products—we're transforming the future of the Autonomous Last Mile™ (ALM). Over a decade ago, we started with a pioneering vision and patents for the first smart mailbox for drone delivery. Through systematic research, development, and deep customer collaboration, we've evolved to today where we deploy Arrive Points—a type of smart locker and mini-cross-docks for frictionless drone, robotic, and courier delivery and pickup, utilized from medical supplies to meals to e-commerce. Arrive AI is now growing and investing to scale an ALM network and platform of the future for all autonomous delivery providers, services, and customers. Arrive AI is the intelligent choice for the last inch of the Autonomous Last Mile™.About UsWe move fast, balancing strategy with opportunity. We are merit-based, valuing integrity, innovation, and treating others as we want to be treated. At Arrive AI, every employee is an equity holder and a business owner. Our shared vision, ownership, and culture fuel our mission to revolutionize autonomous delivery.Role OverviewThe IT Manager is responsible for day-to-day IT operations while strengthening our security posture and supporting our progression toward SOC 2 compliance. This role will serve as the central point of coordination between internal teams, our Managed Service Provider (MSP), and Managed Security Service Provider (MSSP), ensuring reliable systems, secure infrastructure, and scalable processes.You will play a key role in building and maintaining IT and security practices that support a growing, high-tech organization.Key ResponsibilitiesIT Operations & SupportProvide day-to-day IT support for on-site and remote employeesEnsure reliable operation of networks, systems, endpoints, and collaboration toolsTroubleshoot hardware, software, and connectivity issuesManage device setup, configuration, deployment, replacement, and lifecycle standardsHelp maintain technology environments in accordance with company policies, security standards, and compliance requirementsMSP & MSSP CoordinationServe as the primary point of contact for both the Managed Service Provider (MSP) and Managed Security Service Provider (MSSP)Coordinate IT support, security monitoring, and incident response across internal teams and external partnersEnsure MSP/MSSP services meet defined SLAs, security standards, and evolving business needsTrack, escalate, and resolve recurring issues, vulnerabilities, and security alerts in a timely mannerPartner with MSP/MSSP to implement and maintain system performance, security controls, and compliance-related processesSecurity, Access Management & ComplianceManage user accounts, permissions, and access controls using least-privilege principlesSupport implementation and enforcement of cybersecurity best practices, including endpoint protection, MFA, patching, and password/access standardsAssist with security monitoring, patch management, vulnerability remediation, and incident response in coordination with MSPHelp ensure IT systems, processes, and records support company compliance obligations, internal controls, and audit readinessMaintain and enforce IT policies, acceptable use standards, data handling practices, and access review processesSupport compliance with applicable regulatory, customer, privacy, and security requirements as they relate to company systems and information assetsSOC 2 & GRC (Governance, Risk & Compliance)Support and help lead the organization’s efforts toward SOC 2 compliance, including control implementation, documentation, and audit readinessPartner with leadership, MSP/MSSP, and external advisors to align systems and processes with SOC 2 Trust Services CriteriaIdentify gaps, track remediation efforts, and maintain audit evidenceAdminister and support GRC platforms (e.g., Drata, Vanta, Secureframe, or similar)Ensure timely collection and organization of audit artifacts and supporting documentationMonitor control effectiveness and support continuous compliance effortsAssist in responding to customer security questionnaires, insurance requirements, and third-party risk assessmentsVendor, Asset & Records ManagementCoordinate with technology vendors and service providersTrack IT assets, licenses, warranties, and inventorySupport contract renewals and basic cost trackingAssist with onboarding and offboarding processes, including timely provisioning and deprovisioning of accessMaintain records related to assets, software, access, and system changes to support internal controls and compliance needsProcess, Documentation & Audit ReadinessMaintain IT documentation, procedures, standards, and support guidesIdentify recurring issues and recommend practical improvementsHelp standardize IT processes as the company growsDocument controls, workflows, and technical procedures in a manner that supports training, consistency, and audit readinessAssist in preparing materials and evidence for internal reviews, customer requests, insurance questionnaires, and external audits as neededWhat Success Looks LikeEmployees receive fast, reliable IT supportMinimal downtime and smooth day-to-day operationsClear communication and effective coordination with the MSPWell-maintained systems, accurate asset tracking, and timely access managementIT processes scale with the business while supporting security, internal controls, and compliance expectationsDocumentation is current, accessible, and sufficient to support audits, investigations, and operational continuityAdditionalPossible travel up to 5 days per month. Responsibilities include all other duties as assigned.CompensationSalary is market competitive with high equity incentive – be an owner and grow with Arrive AI. What We're Looking For5+ years of experience in IT support, IT operations, or IT administration rolesExperience coordinating with Managed Service Providers (MSPs) and/or MSSPsStrong troubleshooting skills across hardware, software, networking, and access managementExperience supporting both on-site and remote employeesFamiliarity with IT controls, audit processes, and compliance-related documentationExperience using GRC tools such as Drata, Vanta, Secureframe, or similar platformsUnderstanding of cybersecurity fundamentals (access control, endpoint security, patching, monitoring)Ability to prioritize and operate effectively in a fast-paced, growing environmentPreferred QualificationsDirect experience supporting a SOC 2 audit (Type I or Type II)Experience in a startup or high-growth environmentFamiliarity with security frameworks (SOC 2, NIST, CIS Controls, ISO 27001)Experience working with external auditors, security consultants, or compliance vendorsExposure to manufacturing or hardware-focused environments