Fast Facts

EverDriven is seeking a Security Manager to lead its enterprise security function, ensuring the protection of data and infrastructure while promoting a proactive security culture. This pivotal role requires a blend of strategic leadership and technical expertise, contributing to the safety of vulnerable children by enhancing operational security.

Responsibilities: Lead and mature the enterprise security program, manage security policies, oversee third-party risk management, and integrate security into engineering workflows. Drive incident response, vulnerability management, and ensure compliance with relevant frameworks.

Skills: Advanced expertise in Microsoft cloud security, incident response, and vulnerability management. Strong communication skills and the ability to influence security adoption across technical and non-technical teams.

Qualifications: Experience with SOC 2, HIPAA, and FERPA frameworks; proficiency in Azure networking; leadership experience in technical security teams; preferred certifications include CISM, CISSP, and ITIL.

Location: This job is located in Greenwood Village, Colorado, and is a hybrid role requiring 3 days in the office and 2 days remote.

Compensation: $150000 - $170000 / Annually

EverDrivenis a rapidly growing, tech-enabled transportation management company, serving some of the most vulnerable children in our community. We exist to ensure that children with special needs receive safe, efficient, and cost- effective transportation to and from school. Our proprietary, best-in-class, technology solutions enable school districts and parents to easily plan, track and adjust each student’s trips, to and from school, and gives the student access to the educational experience they deserve. Every Trip. Every Day. If you’re someone who thrives in a mission forward, fast-paced, technology driven environment, we would love to talk to you about a fulfilling career at EverDriven.

Position Summary: 

As a Security Manager, you’ll lead EverDriven’s enterprise security function, ensuring the protection of our data, infrastructure, and operations across both internal and production environments. You’ll set the vision for a proactive, risk-based security program—building systems, processes, and a culture that protect the students and families we serve. This role blends strategic leadership with technical depth: you’ll coach engineers, influence policy & architecture, and drive security maturity across the organization.

Salary Range: $150,000 - $170,000/year, based on experience + bonus potential 

Location - Greenwood Village, CO. Hybrid role - 3 days in the office and 2 days remote.

How You Will Make an Impact: 

Program Leadership & Governance

• Lead and mature EverDriven’s enterprise security program by defining strategy, measurable objectives, and execution rhythms across corporate and production environments.
• Own the full lifecycle of security policies—drafting, updating, communicating, and measuring adoption to ensure practicality, auditability, and alignment with evolving business needs.
• Manage the company’s security awareness program (KnowBe4), driving measurable behavioral change through ongoing simulations, role-based training, and targeted communications.
• Govern EverDriven’s partnership with its MSSP, overseeing expectations, detection tuning quality, and continuous improvement opportunities.
• Oversee third-party risk management, ensuring vendors meet security standards, documenting remediation plans, and aligning with procurement and legal stakeholders.
• Lead annual disaster recovery and business continuity planning, ensuring system resilience and readiness through realistic testing and cross-team coordination.

Technical Leadership & Operational Security

• Protect student, employee, and operational data through Microsoft security solutions including Azure, Sentinel, Entra ID, Defender XDR, Purview, and Intune.
• Champion zero-trust architecture across Azure and M365, ensuring identities, access pathways, and network controls scale securely with EverDriven’s growth.
• Integrate security into engineering workflows—embedding controls into CI/CD pipelines, code review standards, and infrastructure-as-code practices, enabling secure automation without slowing delivery.
• Lead the end-to-end incident response, vulnerability management, and threat hunting programs—establishing playbooks, maturing detection capabilities, coordinating response, and driving continuous learning through retrospectives and tabletop exercises.

Compliance, Customer Trust & Cross-Functional Enablement

• Align security, compliance, and risk management with HIPAA, FERPA, and SOC 2 frameworks—ensuring EverDriven maintains trust with school districts, auditors, and partners.
• Coordinate and deliver responses to customer and district security assessments, questionnaires, and due-diligence requests, ensuring clarity, accuracy, and alignment with EverDriven’s security posture.
• Partner with Engineering, IT, and Business Operations to translate compliance into actionable controls, documentation, and audit-ready processes.
• Drive operational excellence by establishing repeatable controls, reporting mechanisms, and accountability frameworks used across teams.

Innovation & Continuous Improvement

• Evaluate emerging technologies—including AI-assisted detection, confidential computing, advanced identity tooling, and passwordless authentication—and pilot solutions that materially reduce risk or improve operational efficiency.
• Anticipate future security challenges and proactively evolve EverDriven’s controls, processes, and automation to stay ahead of the threat landscape.
• Build a culture of shared responsibility by mentoring engineers and IT staff, modeling strong security judgment, and raising overall security literacy.

What You Will Bring to EverDriven: 

Technical Expertise

Core Expertise:

• Advanced experience with Microsoft cloud security ecosystems (Azure, Sentinel, Entra ID, Defender XDR, Purview, Intune).
• Experience managing security across both corporate IT and cloud-based production environments.
• Proven ability to design, measure, and mature programs aligned with SOC 2, HIPAA, and FERPA frameworks.
• Strong understanding of Azure networking (firewalls, routing, NSGs, VPNs, load balancers) and SaaS workload protection.
• Proficiency in incident response, detection engineering, vulnerability management, and identity security.

Preferred Experience:

• Container and Kubernetes security.
• Azure Landing Zones and infrastructure automation.
• Infrastructure-as-code (Terraform, Bicep, Azure DevOps).
• Experience governing MSSP engagements or MDR/XDR programs.

Leadership & Influence

• Demonstrated success leading technical teams and driving organization-wide security adoption.
• Effective communicator—able to translate complex issues into clear, actionable guidance for both technical and non-technical audiences.
• Skilled at navigating ambiguity, making risk-based decisions, and prioritizing effectively in a fast-moving environment.
• Track record of building alignment across IT, Engineering, Compliance, and business stakeholders.

Certifications

• CISM, CISSP, ITIL, CompTIA or similar certifications are a plus.

Benefits

• Medical, Dental, Vision insurance
• Virtual Doctor Visits with $0 Co-Pay
• Life Insurance (company paid)
• Short Term Disability Insurance (company paid)
• Long-Term Disability Insurance (company paid)
• Paid Time Off (PTO)
• Paid Holidays
• Paid Time to Volunteer
• Flex Spending Account (FSA)
• 401K Plan (with an awesome employer match!)
• Employee Assistance Program
• Employee Discounts Program

Since 2006, EverDriven has remained committed to incorporating environmental, social and governance fundamentals into the framework of our internal and external culture. Today, ESG principles are part of the lifeblood of EverDriven and a driving influence that shapes not only our culture but all aspects of our day-to-day operations. We believe ESG principles enable us to more successfully achieve our mission to help every child have an equal opportunity to learn, grow, and succeed.

Commitment to Diversity and Inclusion:

EverDriven is a mission-centered, action-oriented company that honors diversity and inclusion. Our customers come from all walks of life and so do we. We strive to hire great people from a variety of backgrounds, not just because it’s the right thing to do, but because it makes our cultural health stronger. In turn, our inclusive culture inspires our innovation and fosters a sense of belonging so we can continue to serve the most vulnerable populations with excellence.

Commitment to Equal Opportunity:

EverDriven is deeply committed to building a workplace where inclusion is not only valued but prioritized. We’re proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, family status, marital status, sexual orientation, national origin, genetics, disability, age, or veteran status, or any other non-merit based or legally protected grounds.

Visit our website and learn more about us at www.EverDriven.com

#LI-Hybrid