IT & EP Security Engineer

Company Description Duetti is redefining how independent music creators monetize and grow their careers. Founded in 2022 by CEO Lior Tibon and COO Christopher Nolte, Duetti partners with creators to unlock the value of their catalogs through flexible, straightforward deals, while also offering top-tier catalog management, distribution, and marketing services. Since its founding, Duetti has partnered with over 1,100 music creators across 40 countries - including Connor Price, Ingrid Contreras, and Brent Morgan - helping them monetize their music on their own terms and reach new audiences. Backed by leading investors including The Raine Group, Flexpoint Ford, Nyca Partners, Viola Ventures, and Roc Nation, Duetti has raised over $635 million in capital to fund independent music creators. Fueled by a belief in independence and financial empowerment, Duetti is building a more sustainable future for music creators everywhere. With offices in New York City, Los Angeles, Miami, and London, Duetti offers a competitive benefits package, including healthcare coverage, flexible paid time off, and a hybrid work model. Duetti provides an ambitious, high-ownership environment where your work will have an immediate, tangible impact.   What You’ll Do Build & Own Core IT & Endpoint Systems Design, implement, and operate the systems that manage Duetti’s internal devices and access landscape Own endpoint management end-to-end, from provisioning and onboarding through monitoring, compliance, and offboarding Implement and maintain MDM and endpoint security platforms Ensure devices meet security and operational standards (patching, encryption, monitoring) SaaS Governance & Access Management Design and maintain least-privilege access models across company tools Own onboarding/offboarding access workflows and identity governance processes Maintain a centralized inventory of SaaS tools and integrations Review and approve new tool adoption from a security and access perspective AI & Productivity Tool Risk Management Evaluate the security implications of modern AI and automation tools adopted internally Define guardrails for autonomous agents and AI tools interacting with company data Monitor how productivity tools integrate with internal systems and where data flows Enable safe adoption of new tools without creating unmanaged risk Security Operations (Internal Focus) Monitor for unusual endpoint and account behavior Support incident response for SaaS, endpoint, and access-related security events Maintain IT security documentation, policies, and best practices Partner with Engineering to align internal security with broader platform practices IT Operations & Enablement Provide internal IT support and improve reliability of employee systems Build scalable processes for a growing hybrid team Balance usability, speed, and security across internal tooling   What You’ll Work On Endpoint & Infrastructure Security Build and scale endpoint management across the organization Improve visibility, monitoring, and compliance across devices Reduce operational risk related to unmanaged endpoints Access & Identity Governance Implement structured access reviews and removal processes Design least-privilege access models for SaaS systems Create scalable onboarding and offboarding workflows AI Tooling & Modern Productivity Risk Develop internal standards for safe AI tool adoption Monitor how autonomous or connected tools interact with company systems Help teams move faster while maintaining control and visibility Operational Maturity Build foundational internal IT and security practices Improve documentation, workflows, and internal tooling standards Help establish Duetti’s internal IT function as the company scales   Job Requirements Bachelor’s or Master’s degree in Information Systems, Computer Science, Cybersecurity, or a related field. 7+ years of experience in IT, endpoint security, or internal security engineering roles. Experience being a foundational or early IT/security hire in a startup or fast-growing tech company. Strong experience with MDM and endpoint security platforms. Deep understanding of SaaS access control, identity management, and least-privilege models. Experience managing device lifecycle and endpoint compliance. Familiarity with modern productivity and AI tooling ecosystems. Strong problem-solving skills and ability to build systems in ambiguous environments. Excellent communication and collaboration skills across technical and non-technical teams. Experience with Google Workspace administration is a plus. Exposure to compliance frameworks (SOC 2, etc.) is a plus. Passion for building secure systems that enable teams to move fast.