Director of Information Security

About Novata

Novata is a public benefit corporation set up to empower private companies to assess their ESG performance—because a company can’t change what it can’t measure.

Founded in 2021 by a unique consortium of The Ford Foundation, Omidyar Network, S&P Global, and Hamilton Lane, Novata provides secure and intuitive technology to help companies navigate the complex ESG landscape. 

Targeted at private investors and companies, the platform enables customers to collect, analyze, benchmark, and report relevant ESG information. It offers a clear starting point for selecting the metrics that matter, streamlines data collection, and contextualizes information to drive reporting and action.

Novata’s growth has been consistent and broad-based, with fast investor adoption, which has enabled even faster scaling of underlying portfolio companies.

Today, Novata has more than 7,000 private companies in over 20 countries contracted to use the platform. It quickly reached a leadership position in the US, has accelerating traction in Europe, and has launched in APAC with a strong pipeline across segments and across geographies.

Novata has offices in North America, Europe, and APAC.

About the role:

We’re a hybrid team of engineers, security operations partners, and DevSecOps specialists with a mixture of backgrounds and technical disciplines distributed globally. Our highest priority is to ensure the protection of our data assets and systems in support of our SaaS platform business model.  We’re strong believers in the principles of agile and hybrid teaming with our software engineering function to ensure a secure-by-design approach is applied to all systems implementation, enhancement, and operation.

This role reports to the Novata CTO, with direct responsibility for leading the day-to-day security operations and security engineering functions including responsibility for security architecture, security operations, platform and data security monitoring, and risk management. 

This position will be located in the New York, NY area.

Key Responsibilities:

• Play a leading role in establishing Secure by Design principles across the company-wide SDLC enterprise.
• Manage relationships with applicable contracted 3rd parties, and key security operations suppliers to ensure the continuous monitoring and visibility of the security posture of Novata.
• Work closely with key stakeholders including executive leadership, product engineering, product management, information technology, people team, and legal group.
• Identify opportunities and implement best practices to continuously improve our security posture and readiness to respond to security threats.
• You will play a key role in maintaining and enhancing our security program readiness in support of both SOC 2 and ISO 27001 certification standards.
• Identify and clearly define risk items, issues, and incident responses, including root cause analysis and improvement. 
• Review and evaluate the adequacy of internal controls and compliance with IT security policies and procedures.
• Develop and review policies, controls, and standards where appropriate.
• Develop and monitor the Information Security audit and compliance schedule.
• Lead risk management process for vendors and technology partners to ensure alignment with the security obligations of our customers.
• Assist with customer inquiries and contract definitions related to security and data privacy obligations.
• Assist with customer RFP, RFI, and bid package clarifications related to Cyber Security tooling and commitments being made by Novata.

Requirements

Qualifications:

• Excellent communication skills and the ability to work collaboratively and respectfully with other functions.
• Extensive experience in at least two technical operations or engineering disciplines, whether that be network, infrastructure, cloud, data platforms, or software engineering.
• A business-centric approach to risk management and risk tradeoffs that allow the continuous evolution of our security and compliance posture to support organization-wide commercial objectives.
• A focus on generating meaningful results in a matrix organizational model.
• The ability to establish rapport and trust with key stakeholders at all levels of the organization from individual software developers to executive leadership.
• Extensive and demonstrable experience in information security, cyber security, data protection, disaster readiness, risk management, and security operations.
• A passion for continuous learning and awareness of new capabilities and solutions that support secure systems delivery.
• 5+ years of technology delivery experience with a focus on infrastructure, application development, data engineering, or security operations.

Benefits

Compensation and Benefits:

• We want our employees to have the best opportunities at work and in life. We know that requires us to provide more than just a great place to work. We are committed to providing industry-leading benefits and flexibility that allow you to achieve all your life goals. Here are the important highlights:
• Base Salary of $170,000 - $190,000
• Equity options.
• Comprehensive benefits package including health insurance, retirement plans, and paid time off.
• A flexible work environment with full support for remote work and access to an office in Manhattan
• Opportunities for personal and professional development
  

Why Join Us?

Novata is a mission-first company built to enable the private markets to drive more impact. We are at the unique intersection of ESG, the private markets, and mission-driven impact. We are well-funded, have a top-tier executive leadership team, and have experienced a successful commercial launch in the first half of 2022. We have a highly aggressive growth plan to establish ourselves as the industry leader of ESG with immediate plans for product and international expansion.

Members of our leadership team have been globally recognized for their success as leaders of large public companies, founders of successful startups, leaders of established ESG organizations, and builders of robust tech platforms. We are passionate, highly motivated, and experienced individuals who embrace our diverse backgrounds. Together, we will become the platform of choice and a catalyst for a change in the way business is done. 

Novata is an Equal Opportunity Employer and it is our policy that we will not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other protected category with respect to recruitment, hiring, training, promotion and other terms and conditions of employment.