Director of Information Security
New York City, United States
Full Time | Executive-level / Director | USD 170K - 190K
Novata
For the metrics that matter to your firm, we make ESG + carbon data collection, reporting, and insights easy and practical.
About Novata
Novata is a public benefit corporation set up to empower private companies to assess their ESG performance—because a company can’t change what it can’t measure.
Founded in 2021 by a unique consortium of The Ford Foundation, Omidyar Network, S&P Global, and Hamilton Lane, Novata provides secure and intuitive technology to help companies navigate the complex ESG landscape.
Targeted at private investors and companies, the platform enables customers to collect, analyze, benchmark, and report relevant ESG information. It offers a clear starting point for selecting the metrics that matter, streamlines data collection, and contextualizes information to drive reporting and action.
Novata’s growth has been consistent and broad-based, with fast investor adoption, which has enabled even faster scaling of underlying portfolio companies.
Today, Novata has more than 7,000 private companies in over 20 countries contracted to use the platform. It quickly reached a leadership position in the US, has accelerating traction in Europe, and has launched in APAC with a strong pipeline across segments and across geographies.
Novata has offices in North America, Europe, and APAC.
About the role:
We’re a hybrid team of engineers, security operations partners, and DevSecOps specialists with a mixture of backgrounds and technical disciplines distributed globally. Our highest priority is to ensure the protection of our data assets and systems in support of our SaaS platform business model. We’re strong believers in the principles of agile and hybrid teaming with our software engineering function to ensure a secure-by-design approach is applied to all systems implementation, enhancement, and operation.
This role reports to the Novata CTO, with direct responsibility for leading the day-to-day security operations and security engineering functions including responsibility for security architecture, security operations, platform and data security monitoring, and risk management.
This position will be located in the New York, NY area.
Key Responsibilities:
- Play a leading role in establishing Secure by Design principles across the company-wide SDLC enterprise.
- Manage relationships with applicable contracted third parties and key security operations suppliers to ensure the continuous monitoring and visibility of the security posture of Novata.
- Work closely with key stakeholders including executive leadership, product engineering, product management, information technology, people team, and legal group.
- Identify opportunities and implement best practices to continuously improve our security posture and readiness to respond to security threats.
- You will play a key role in maintaining and enhancing our security program readiness in support of both SOC 2 and ISO 27001 certification standards.
- Identify and clearly define risk items, issues, and incident responses, including root cause analysis and improvement.
- Review and evaluate the adequacy of internal controls and compliance with IT security policies and procedures.
- Develop and review policies, controls, and standards where appropriate.
- Develop and monitor the Information Security audit and compliance schedule.
- Lead risk management process for vendors and technology partners to ensure alignment with the security obligations of our customers.
- Assist with customer inquiries and contract definitions related to security and data privacy obligations.
- Assist with customer RFP, RFI, and bid package clarifications related to Cyber Security tooling and commitments being made by Novata.
Requirements
Qualifications:
- Excellent communication skills and the ability to work collaboratively and respectfully with other functions.
- Extensive experience in at least two technical operations or engineering disciplines, whether that be network, infrastructure, cloud, data platforms, or software engineering.
- A business-centric approach to risk management and risk tradeoffs that allow the continuous evolution of our security and compliance posture to support organization-wide commercial objectives.
- A focus on generating meaningful results in a matrix organizational model.
- The ability to establish rapport and trust with key stakeholders at all levels of the organization from individual software developers to executive leadership.
- Extensive and demonstrable experience in information security, cyber security, data protection, disaster readiness, risk management, and security operations.
- A passion for continuous learning and awareness of new capabilities and solutions that support secure systems delivery.
- 5+ years of technology delivery experience with a focus on infrastructure, application development, data engineering, or security operations.
Benefits
Compensation and Benefits:
We want our employees to have the best opportunities at work and in life. We know that requires us to provide more than just a great place to work. We are committed to providing industry-leading benefits and flexibility that allow you to achieve all your life goals. Here are the important highlights:
- Base Salary of $170,000 - $190,000
- Equity options.
- Comprehensive benefits package including health insurance, retirement plans, and paid time off.
- A flexible work environment with full support for remote work and access to an office in Manhattan
- Opportunities for personal and professional development
Why Join Us?
Novata is a mission-first company built to enable the private markets to drive more impact. We are at the unique intersection of ESG, the private markets, and mission-driven impact. We are well-funded, have a top-tier executive leadership team, and have experienced a successful commercial launch in the first half of 2022. We have a highly aggressive growth plan to establish ourselves as the industry leader of ESG with immediate plans for product and international expansion.
Members of our leadership team have been globally recognized for their success as leaders of large public companies, founders of successful startups, leaders of established ESG organizations, and builders of robust tech platforms. We are passionate, highly motivated, and experienced individuals who embrace our diverse backgrounds. Together, we will become the platform of choice and a catalyst for a change in the way business is done.
Novata is an Equal Opportunity Employer and it is our policy that we will not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other protected category with respect to recruitment, hiring, training, promotion and other terms and conditions of employment.
Tags: Agile Cloud Compliance DevSecOps ISO 27001 Monitoring Privacy RFPs Risk management SaaS SDLC SOC SOC 2
Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Health care Insurance