Director, Information Security


Applications have closed logo

Find more jobs like this


Orum is revolutionizing how consumers and businesses send, receive, and access money through its platform of API-based, embeddable infrastructure products. Powered by proprietary intelligence, Orum optimizes transactions for speed, cost, and risk, enabling intelligent routing  across multiple rails--including ACH, same-day ACH, RTP, crypto, wires and more--unlocking 24/7/365 money movement for our partners. 

The Orum team is helmed by expert fintech operators from LearnVest, Marqueta, N26, Square, Bread and Stash and has raised over $82M from leading investors, including Accel, Canapi, Bain Capital Ventures, Inspired Capital, Homebrew, Acrew, BoxGroup, Clocktower Ventures, Primary Ventures, SVB Capital, and American Express Ventures. To learn more, visit  

At Orum, we are a remote-first and people-first company. We believe that working remotely presents a unique opportunity to build a diverse team that opportunistically leverages distance to asynchronously work better.  We have thoughtfully invested in the right tools and practices that will enable individuals to bring their best selves to work while having the flexibility and support to enjoy their personal lives.  We are committed to cultivating an equitable and inclusive work environment where everyone's voice matters. If you’d like to play a part in crystallizing the vision of a world where money is smart, real time, and fully automated, we’d love to hear from you.

About the Role

We are seeking a Director of Information Security to join our Operations team. This person will be responsible for managing, scaling, and deploying Orum’s information security posture as it relates to the organization's proprietary technology, IT and SaaS tools, security policies and practices, and critical partnerships. This role will report to Orum’s Head of Operations and act as the primary, hands-on, security resource for key business functions and initiatives. You would be joining a small team of experienced technologists and business people excited to be changing the experience of moving money in the US for everyone.

The ideal candidate will bring a high level of expertise in information security frameworks, controls and audit techniques. You can quickly understand the security operations and challenges in the current and future state of the business’s SOC2 compliant operations.

As a Director of Information Security, you will oversee five main categories:

  • Strategic Planning and Growth
    • Plan, build, and deploy an InfoSec roadmap and define the future of the department
    • Create and manage an internal team to support your vision and maintain alignment of key objectives across the organization
  • Product Security
    • Protection and processes regarding all of Orum’s product related assets and systems 
    • Cloud and infrastructure security, application security, control automation through CI/CD integration, alerts and monitoring, etc.
  • Enterprise IT Security
    • Protection and processes regarding all non-product related assets and systems
    • Examples of such systems include Google Workspace, Okta, collaboration tools, wikis, CRM, finance systems, employee laptops/desktops, secure web gateway, CASB, etc.
  • GRC (Governance, Risk, & Compliance)
    • Program maintenance and delivery of all monthly, quarterly, and annual requirements for existing certifications
    • Policy management, risk assessment, supplier and vendor management 
    • Prospective and existing due diligence, audit management, customer questionnaire response services, access and change management, ongoing employee security training
  • Incident Response and Business Continuity
    • Security operations configuration, monitoring, and responding to alerts 24x7x365
    • Disaster recovery, Data Loss Prevention, and strategic response trainings

You should apply if:

  • You have 6+ years of experience in Risk Management, Information Security, IT and/or as a senior leader of technology teams. 
  • Strong knowledge of common information security management frameworks, such as SOC2, ISO/IEC 27001, and NIST.
  • Working knowledge of Zero Trust concepts and tools, including Secure Web Gateway, CASB, and Software Defined Perimeter.
  • Self starter, comfortable completing hands-on work that will help us scale and automate future workflows 
  • Experience with Cloud computing services including but not limited to AWS, GCP, and Azure
  • You are prepared to make decisions and move quickly
  • You are born operator with a love of collaborative problem solving and a passion for information security
  • You want to work in a very fast-paced and fluid small-team environment at a growing company.

About our Benefits

  • Competitive Salary
  • 100% paid medical for you and your dependents, as well as dental and vision plans 
  • Healthcare and Dependent Care FSA
  • 401(k) Matching
  • Employee stock incentive plan
  • Take what you need PTO 
  • 12 paid holidays & 1-week company-wide time off in December
  • Paid parental leave
  • Paid monthly mental health days for you to reset and focus on your personal well being 
  • Weekly meeting-free, deep-work days
  • Bi-weekly paid virtual “Cafeteria” lunches
  • Subsidized membership to co-working spaces
  • Quarterly health and wellness stipend
  • Stipends for remote office supplies
  • Ongoing professional development provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Tags: Application security Automation AWS Azure Cloud Compliance Crypto Finance FinTech GCP Governance Incident response Monitoring NIST Product security Risk assessment Risk management SaaS SOC2 Vendor management

Perks/benefits: Career development Competitive pay Flex vacation Health care Home office stipend Lunch / meals Medical leave Parental leave Startup environment Wellness

Region: Remote/Anywhere
Job stats:  34  3  0
Category: Leadership Jobs

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.