Information Security Lead
Posted on 7/19/2023
INACTIVE
Digital banking platform provider
Company Overview
Narmi believes that world-class digital banking experiences should be accessible to everyone. Narmi's mission is to offer financial institutions the best digital banking platform in the industry.
Fintech
B2C
Company Stage
Series B
Total Funding
$55.6M
Founded
2016
Headquarters
New York, New York
Growth & Insights
Headcount
6 month growth
↑ 1%1 year growth
↑ 14%2 year growth
↑ 86%Locations
New York, NY, USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Communications
AWS
Requirements
- Experience with NIST and or ISO 27001
- 7+ years of professional security engineering experience
- Broad security domain knowledge
- Experience with cloud hosted environments (ideally AWS)
- Great work ethic, agility, and consistent experience as a top performer
- Excellent communication skills in verbal and written English
- Willingness to occasionally work in New York City
- Experience at a startup or financial technology firm (preferred)
Responsibilities
- Attract, manage and retain a high-performing security focused team
- Plan, develop, implement, and iterate on Narmi's current and future security initiatives
- Spearhead Narmi's information security and governance programs to identify and mitigate risks
- Lead periodic security and compliance audits such as PCI DSS for Service Providers and SOC 2 Type II in conjunction with external entities
- Implement a security management framework based on NIST and/or ISO 27001
- Manage and evolve technical policies, risk assessments, data classifications, security telemetry and controls
- Provide mentorship, training and security perspective across the organization
- Take part in security focused code reviews and testing
- Triage security incident reports from internal and external stakeholders, lead security incident response and conduct remediation
- Assist with infrastructure changes and automation tooling to improve Narmi's security posture
- Interface with clients and prospects to help them understand our security posture and compliance programs