Be an early applicantLess than 25 applicants

Company

Original Job Post

Novata · 2 days ago

Director of Information Security

New York County, NY

Full-time

Hybrid

Director

$170K/yr - $190K/yr

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Big DataFinancial Services

Insider Connection @Novata

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Play a leading role in establishing Secure by Design principles across the company-wide SDLC enterprise.

Manage relationships with applicable contracted 3rd parties, and key security operations suppliers to ensure continuous monitoring and visibility of the security posture of Novata.

Work closely with key stakeholders including executive leadership, product engineering, product management, information technology, people team, and legal group.

Identify opportunities and implement best practices to continuously improve security posture and readiness to respond to security threats.

Maintain and enhance security program readiness in support of both SOC 2 and ISO 27001 certification standards.

Identify and clearly define risk items, issues, and incident responses, including root cause analysis and improvement.

Review and evaluate the adequacy of internal controls and compliance with IT security policies and procedures.

Develop and review policies, controls, and standards where appropriate.

Develop and monitor the Information Security audit and compliance schedule.

Lead risk management process for vendors and technology partners to ensure alignment with the security obligations of customers.

Assist with customer inquiries and contract definitions related to security and data privacy obligations.

Assist with customer RFP, RFI, and bid package clarifications related to Cyber Security tooling and commitments being made by Novata.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Technical operationsEngineering disciplinesInfrastructureData platformsSoftware engineeringRisk managementBusiness-centric approachRisk tradeoffsSecurityCompliance postureMatrix organizational modelMeaningful resultsEstablishing rapportInformation securityCyber securityData protectionDisaster readinessSecurity operationsApplication developmentData engineeringCommunicationCollaborationRespectProblem-solvingRapport-buildingTrust-buildingContinuous learning

Required

Excellent communication skills and the ability to work collaboratively and respectfully with other functions.

Extensive experience in at least two technical operations or engineering disciplines, whether that be network, infrastructure, cloud, data platforms, or software engineering.

A business-centric approach to risk management and risk tradeoffs that allow the continuous evolution of our security and compliance posture to support organization-wide commercial objectives.

A focus on generating meaningful results in a matrix organizational model.

The ability to establish rapport and trust with key stakeholders at all levels of the organization from individual software developers to executive leadership.

Extensive and demonstrable experience in information security, cyber security, data protection, disaster readiness, risk management, and security operations.

A passion for continuous learning and awareness of new capabilities and solutions that support secure systems delivery.

5+ years of technology delivery experience with a focus on infrastructure, application development, data engineering, or security operations.