AssetMark · 3 hours ago
Director, Information Security
AssetMark is a company shaping the future of financial services, and they are seeking a Director of Information Security to lead their information security and governance programs. This high-impact role involves directing security outcomes, collaborating with various teams to ensure security standards, and maintaining audit readiness for SaaS platforms.
Advice, Consulting, Financial Services
Responsibilities
Own the day-to-day execution of SOC 2 audits, including: gathering evidence and screenshots; responding to auditor requests; maintaining continuity and precedence across audit cycles; and partnering with the Director of Compliance on audit responses and remediation tracking
Maintain, update, and expand Voyant’s information security policies and procedures, including annual reviews and the creation of new policies (e.g., AI usage, acceptable use, access control)
Contribute to periodic risk assessments, identifying gaps and coordinating remediation efforts
Ensure policies, controls, and evidence remain continuously audit-ready rather than point-in-time
Partner with Compliance and Sales to respond to customer and prospect security questionnaires, RFPs, and due-diligence requests
Provide accurate, policy-backed answers regarding Voyant’s security posture, controls, and compliance commitments
Help maintain scalable processes and tooling for answering security questions efficiently and consistently
Help design, implement, and mature data protection controls within Microsoft 365, including: Microsoft Purview configuration for Data Loss Prevention (DLP), sensitivity labels, and information governance; and collaboration with IT and Compliance to align technical controls with policy requirements
Assist in defining data handling standards for sensitive customer and corporate data
Help administer and maintain Voyant’s JumpCloud environment, including: user and device management; SSO application integrations; and access control and lifecycle processes
Collaborate with IT on endpoint, identity, and SaaS security best practices
Assist IT with select operational tasks where security expertise is required (e.g., networking, firewall configuration)
Evaluate Voyant’s overall security posture across corporate IT and SaaS environments
Work closely with Ops and Engineering to: review application and infrastructure security controls; participate in threat modeling exercises; and review results of penetration tests and vulnerability scans
Coordinate penetration testing efforts and help prioritize remediation
Monitor the external threat landscape and advise stakeholders on emerging risks
Maintain and periodically test incident response plans and procedures
Coordinate response activities in the event of a security incident, ensuring clear communication and recovery of critical services
Work with Voyant’s MSP and security vendors for intrusion detection and vulnerability management, including reviewing alerts and reports
Develop and maintain security awareness training for employees
Promote a pragmatic, risk-based security culture that enables the business to move quickly and safely
Qualifications
Required
Proven experience in information security, cybersecurity, and IT audit execution
Strong, hands-on experience with SOC 2 Type II audits
Practical knowledge of security frameworks and standards (e.g., NIST, ISO 27001, CIS)
Experience maintaining and authoring security policies and procedures
Experience with Microsoft 365 security tooling, including Purview or comparable DLP / information governance platforms
Familiarity with identity and access management platforms (e.g., JumpCloud or similar)
Experience working closely with IT, Ops, and Engineering teams
Comfort operating as a senior individual contributor who owns outcomes end-to-end
Excellent written and verbal communication skills, especially with auditors and customers
Preferred
Experience automating or streamlining GRC and audit workflows
Familiarity with AWS security services, including WAF, Security Hub, GuardDuty, Shield, ALB, EC2, S3, RDS, and VPC
Exposure to LLM-assisted workflows for governance, documentation, or security operations
IT systems or network administration background
Relevant certifications (CISSP, CISM, CISA, or equivalent)
Benefits
Flex Time or Paid Time Off and Sick Time Off
401K – 6% Employer Match
Medical, Dental, Vision – HDHP or PPO
HSA – Employer contribution (HDHP only)
Volunteer Time Off
Career Development / Recognition
Fitness Reimbursement
Hybrid Work Schedule
Company
AssetMark
AssetMark is an investment adviser registered with the Securities and Exchange Commission.
Funding
Current Stage: Public Company
Total Funding: $2.81M
2024-04-25: Acquired
2019-07-17: IPO
2016-12-09: Series Unknown · $2.81M
Recent News
2025-12-15
Company data provided by crunchbase