IT and Security Analyst

About Tavily:

We're building the infrastructure layer for agentic web interaction at scale. Our API is designed from the ground up to power Retrieval-Augmented Generation (RAG) and real-time reasoning in AI systems. By connecting LLMs to high-quality, trustworthy web content, we help developers build agents that are not only intelligent - but also informed.

We work with some of the most innovative teams in AI - from small startups shaping the ecosystem to the largest enterprises deploying AI at scale. Whether it’s powering sales assistants, research copilots, or internal knowledge tools, we’re the missing link between LLMs and the real world.

About the Role:
We are looking for an IT & Security Analyst to join our team. This role sits at the intersection of IT operations, information security, and governance — ideal for someone who enjoys variety and problem-solving. You'll manage our endpoint and SaaS environment, support security operations, and contribute to our compliance and risk management program.

Key Responsibilities:

IT Operations

• Administer Microsoft Intune for endpoint management, device enrollment, and compliance policies.

• Manage user access provisioning and deprovisioning following least-privilege principles.

• Maintain the SaaS application inventory, including license management and access reviews.

• Support onboarding and offboarding, including identity lifecycle management.
  

Information Security

• Support the vulnerability management program — tracking, prioritizing, and coordinating remediation.

• Monitor threat intelligence feeds and translate findings into actionable recommendations.

• Assist with incident response and security tooling administration.

GRC

• Support compliance initiatives aligned with frameworks such as SOC 2, ISO 27001, or NIST.

• Assist with the third-party risk management program, including vendor assessments.

• Complete security questionnaires from customers and partners.

• Maintain security policies and support evidence collection for audits.

Required Qualifications:

• 2+ years in an IT, information security, or combined IT/security role.

• Hands-on experience with Microsoft Intune and endpoint management.

• Experience managing user access and permissions in a corporate environment.

• Familiarity with SaaS platforms and IT asset management.

• Exposure to vulnerability management tools and processes.

• Understanding of threat intelligence concepts.

• Familiarity with at least one compliance framework (SOC 2, ISO 27001, NIST, CIS, etc.).

• Experience with security questionnaires and/or third-party risk assessments.

• Strong written and verbal communication skills.