Information Security Manager
United States · Remote
Posted on Tuesday, November 2, 2021
Who You Are:
You will lead Polly’s Information Security function to secure, maintain and grow a world-class mortgage technology services and technology ecosystem for our customers. You are looking for a unique opportunity to shape and grow Polly’s security culture. Your 5+ years of enterprise information security and cloud technology experience has prepared you to successfully develop, enhance and oversee all information security operations activities.
Your expert-level skills in access management in a cloud computing environment, vulnerability scanning, third-party risk assessment, SIEM management, business continuity or disaster recovery makes you the perfect fit for this role. Leading security strategy, direction and cross functional security teams comes naturally to you. Overall, you are a dynamic professional who is excited to make an impact across the organization to keep Polly secure and compliant with industry best practices and regulations.
Does this sound like you? If so, apply today and let’s start the conversation!
What You’ll Do:
- Perform annual SOC2 compliance, penetration tests, and BCP/DR scenarios
- Own, develop, implement, and report to the Board of Directors on the short and long term security strategy and goals in alignment with Polly’s business objectives and culture
- Conduct in-depth security reviews and risk assessments of core corporate and production infrastructure to identify gaps, come up with recommendations, and implement proposed solutions
- Evolve Polly’s capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents
- Respond to security audits and security assessment requests
- Maintain awareness of current and emerging threats, specifically those within the financial services sector, to ensure cloud environments are properly secured, monitored and documented
- Oversee management of information security tools, contracts, documentation, policies and processes to ensure an operating environment that is sound, sustainable and compliant with company policies and requirements
- Assess and identify security controls for sensitive and regulated data, and refine and oversee Polly’s compliance programs aligned with SOC2
- Resolve security resource requirements including budget, staff, training needs and prioritization
- Ensure the appropriate development and delivery of end user security awareness training, effective reporting, as well as performance metrics; executes on security metric reporting to ensure business and senior leadership have a proper view of current security state and risks
- Define requirements and lead on evaluating and analyzing existing and new technology, platforms and applications to anticipate potential security gaps and concerns
- Own all documentation, process, and training surrounding Polly’s business continuity and disaster recovery abilities
What You Have:
- 5+ years of enterprise information security or relevant technology experience, including with cloud technologies; B2B and SAAS preferred
- Ability to communicate information security requirements to non-technical security stakeholders
- Deep understanding of risk management principles and strong understanding of incident management and security operations
- Expert-level experience in at least some of the following areas: access management in a cloud computing environment, vulnerability scanning, third-party risk assessment, SIEM management, business continuity or disaster recovery
- Familiarity of regulatory requirements such as GLBA and CCPA and frameworks such as NIST and ISO 27002
Why Join Polly:
- We are attacking a trillion-dollar market with gross inefficiencies and seeking to transform the way an entire industry operates
- We have an experienced leadership team that previously built large and impactful platforms
- Outstanding opportunity for professional growth and upward mobility
- Direct engagement with the decision makers and senior business leaders
- Competitive salaries
- 100% paid medical/vision/dental/disability/life insurance
- Unlimited PTO
- Remote environment
Polly was founded in 2019 by a seasoned team of technology and mortgage experts. We are transforming the mortgage industry by automating and streamlining the mortgage transaction lifecycle through data science and machine learning. Lenders and other mortgage stakeholders trust us to optimize performance by automating manual workflows, improving loan profitability, and yielding actionable insights through our next generation BI analytics layer. Polly is backed by prominent Silicon Valley venture firms including 8VC, Meritech, Menlo Ventures, Khosla, Base10, NYCA, Fifth Wall, and Conversion Capital.
Polly is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, age, color, national origin, religion, sex, gender identity, sexual orientation, marital status, pregnancy status, disability status, veteran status or any other legally protected status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.