Information Security Analyst
United States - Remote
NovataFor the metrics that matter to your firm, we make data collection, reporting, and insights easy and practical.
Novata is a public benefit corporation created and funded by a unique consortium of foundations and private sector companies including the Ford Foundation, the Omidyar Network, S&P Global, and Hamilton Lane. We are a for-profit, mission-driven company with a goal of empowering the private markets to build a more inclusive and sustainable form of capitalism. By bringing together the brightest minds in financial data, private equity, social justice and inclusive capitalism, we aim to build the best technology and tools for the private markets to better collect, analyze, benchmark, and report ESG (Environmental, Social, Governance) data. We have an experienced and diverse team who are as ambitious about growing a successful company as we are about making an impact. We hope you’ll join us.
About the role
We’re a hybrid team of engineers, security operations partners, and DevSecOps specialists with a mixture of backgrounds and technical disciplines distributed globally. Our highest priority is to ensure the protection of our data assets and systems in support of our SaaS platform business model. We’re strong believers in the principles of agile and hybrid teaming with our software engineering function to ensure a secure by design approach is applied to all systems implementation, enhancement and operation..
This role reports to the Novata Information Security Director, with responsibility for conducting a broad range of security operations and security engineering tasks including supporting security architecture reviews, data loss prevention, cloud security posture management, incident response, incident investigation, identity and access management, platform and data security monitoring, and risk management.
- Support a variety of proactive security readiness activities including continued enhancement of our data loss prevention program, vulnerability management, and cloud security posture management.
- Work closely with key stakeholders including executive leadership, product engineering, product management, information technology, people team, and legal.
- Identify opportunities and implement best practices to continuously improve our security posture and readiness to respond to security threats.
- Play a supporting role in maintaining and enhancing our security program in support of both SOC 2 and ISO 27001 certification standards.
- Review and recommend enhancements to policies, controls, processes and standards.
- Support investigation and analysis of technology tooling to improve our Security posture.
- Play a leading role in upholding Secure by Design principles across the company wide SDLC chain, including robust threat modeling.
- Support supply chain risk management assessment of vendors and technology partners to ensure alignment with security obligations of our customers.
You should have:
- Excellent communication and leadership skills, and are able to work collaboratively and respectfully with other team members.
- Experience working in a non-security focused role whether that be network, infrastructure, cloud, data engineering, IT Operations or software engineering.
- The ability to establish rapport and trust with key stakeholders at all levels of the organization from individual software developers to executive leadership.
- A passion and demonstrated ability to support information security, cyber security, data protection, disaster readiness, risk management, and security operations.
- A passion for continuous learning and awareness of new capabilities and solutions that support our enterprise security ecosystem.
You might have:
- Prior working experience in highly regulated industries including National Defense, Aerospace, or Financial Services.
- Prior working experience with technology partners such as Okta, Metomic, Proofpoint, AWS, Azure, Jamf or Intune.
- Prior working experience in a large international consulting organization, whether focused on security or other technical domains.
- Active security certifications such as SSCP, CCSP, CGRC, Security+ or CEH.
We want our employees to have the best opportunities at work and in life. We know that requires us to provide more than just a great place to work. We are committed to providing industry leading benefits and flexibility that allows you to achieve all your life goals. Here are the important highlights:
- Competitive salary reviewed annually to account for market shifts
- Comprehensive health benefits packages (medical, dental, 401k/pension match)
- Robust leave policies (PTO, parental leave, VTO)
- Flexible work environment with support for hybrid remote work and office based access in either Manhattan or London
- Opportunities for personal and professional development
- An experienced, mature and extremely enthusiastic team that thrives on collaboration
Why Join Us?
Novata is a mission-first company built to enable the private markets to drive more impact. We are at the unique intersection of ESG, the private markets, and mission driven impact. We are well-funded, have a top tier executive leadership team, and have experienced a successful commercial launch in the first half of 2022. We have a highly aggressive growth plan to establish ourselves as the industry leader of ESG with immediate plans for product and international expansion.
Members of our leadership team have been globally recognized for their success as leaders of large public companies, founders of successful startups, leaders of established ESG organizations, and builders of robust tech platforms. We are passionate, highly motivated, and experienced individuals who embrace our diverse backgrounds. Together, we will become the platform of choice and a catalyst for a change in the way business is done.
Novata is an Equal Opportunity Employer and it is our policy that we will not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other protected category with respect to recruitment, hiring, training, promotion and other terms and conditions of employment.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Remote and/or any of … Remote and/or any of these Cloudflare Offices: … Full TimeEntry Entry-levelUSD 115K - 198K USD 115K+
Security Research Analyst - Threat IntelligenceCloud Cloudflare DevOps DNS Encryption Exploits +13
Career development Equity Fertility benefits Flex hours Flex vacation +4
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Senior Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Security Architect jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Ingénieur DevSecops H/F jobs
- Open Security Researcher jobs
- Open Information System Security Officer (ISSO) jobs
- Open C-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs
- Open APIs-related jobs
- Open DevSecOps-related jobs