Full-Time

Information Security Manager

Confirmed live in the last 24 hours

Polly

51-200 employees

Cloud-based mortgage capital markets platform

Data & Analytics

Fintech

AI & Machine Learning

Senior

Remote in USA

Required Skills

Management

Requirements

5+ years of enterprise information security or relevant technology experience, including with cloud technologies; B2B and SAAS preferred
Deep understanding of risk management principles and strong understanding of incident management and security operations
Expert-level experience in at least some of the following areas: access management in a cloud computing environment, vulnerability scanning, third-party risk assessment, SIEM management, business continuity or disaster recovery
Familiarity of regulatory requirements such as GLBA and CCPA and frameworks such as NIST and ISO 27002

Responsibilities

Perform annual SOC2 compliance, penetration tests, and BCP/DR scenarios
Own, develop, implement, and report to the Board of Directors on the short and long term security strategy and goals in alignment with Polly’s business objectives and culture
Conduct in-depth security reviews and risk assessments of core corporate and production infrastructure to identify gaps, come up with recommendations, and implement proposed solutions
Evolve Polly’s capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents
Respond to security audits and security assessment requests
Maintain awareness of current and emerging threats, specifically those within the financial services sector, to ensure cloud environments are properly secured, monitored and documented
Oversee management of information security tools, contracts, documentation, policies and processes to ensure an operating environment that is sound, sustainable and compliant with company policies and requirements
Assess and identify security controls for sensitive and regulated data, and refine and oversee Polly’s compliance programs aligned with SOC2
Resolve security resource requirements including budget, staff, training needs and prioritization
Ensure the appropriate development and delivery of end user security awareness training, effective reporting, as well as performance metrics; executes on security metric reporting to ensure business and senior leadership have a proper view of current security state and risks
Define requirements and lead on evaluating and analyzing existing and new technology, platforms and applications to anticipate potential security gaps and concerns
Own all documentation, process, and training surrounding Polly’s business continuity and disaster recovery abilities

Who You Are:

You will lead Polly’s Information Security function to secure, maintain and grow a world-class mortgage technology services and technology ecosystem for our customers. You are looking for a unique opportunity to shape and grow Polly’s security culture. Your 5+ years of enterprise information security and cloud technology experience has prepared you to successfully develop, enhance and oversee all information security operations activities.

Your expert-level skills in access management in a cloud computing environment, vulnerability scanning, third-party risk assessment, SIEM management, business continuity or disaster recovery makes you the perfect fit for this role. Leading security strategy, direction and cross functional security teams comes naturally to you. Overall, you are a dynamic professional who is excited to make an impact across the organization to keep Polly secure and compliant with industry best practices and regulations.

Does this sound like you? If so, apply today and let’s start the conversation!

What You’ll Do:

Perform annual SOC2 compliance, penetration tests, and BCP/DR scenarios
Own, develop, implement, and report to the Board of Directors on the short and long term security strategy and goals in alignment with Polly’s business objectives and culture
Conduct in-depth security reviews and risk assessments of core corporate and production infrastructure to identify gaps, come up with recommendations, and implement proposed solutions
Evolve Polly’s capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents
Respond to security audits and security assessment requests
Maintain awareness of current and emerging threats, specifically those within the financial services sector, to ensure cloud environments are properly secured, monitored and documented
Oversee management of information security tools, contracts, documentation, policies and processes to ensure an operating environment that is sound, sustainable and compliant with company policies and requirements
Assess and identify security controls for sensitive and regulated data, and refine and oversee Polly’s compliance programs aligned with SOC2
Resolve security resource requirements including budget, staff, training needs and prioritization
Ensure the appropriate development and delivery of end user security awareness training, effective reporting, as well as performance metrics; executes on security metric reporting to ensure business and senior leadership have a proper view of current security state and risks
Define requirements and lead on evaluating and analyzing existing and new technology, platforms and applications to anticipate potential security gaps and concerns
Own all documentation, process, and training surrounding Polly’s business continuity and disaster recovery abilities

What You Have:

5+ years of enterprise information security or relevant technology experience, including with cloud technologies; B2B and SAAS preferred
Ability to communicate information security requirements to non-technical security stakeholders
Deep understanding of risk management principles and strong understanding of incident management and security operations
Expert-level experience in at least some of the following areas: access management in a cloud computing environment, vulnerability scanning, third-party risk assessment, SIEM management, business continuity or disaster recovery
Familiarity of regulatory requirements such as GLBA and CCPA and frameworks such as NIST and ISO 27002

Why Join Polly:

We are attacking a trillion-dollar market with gross inefficiencies and seeking to transform the way an entire industry operates
We have an experienced leadership team that previously built large and impactful platforms
Outstanding opportunity for professional growth and upward mobility
Direct engagement with the decision makers and senior business leaders
Competitive salaries
100% paid medical/vision/dental/disability/life insurance
Unlimited PTO
Remote environment

About Us:

Polly was founded in 2019 by a seasoned team of technology and mortgage experts. We are transforming the mortgage industry by automating and streamlining the mortgage transaction lifecycle through data science and machine learning. Lenders and other mortgage stakeholders trust us to optimize performance by automating manual workflows, improving loan profitability, and yielding actionable insights through our next generation BI analytics layer. Polly is backed by prominent Silicon Valley venture firms including 8VC, Meritech, Menlo Ventures, Khosla, Base10, NYCA, Fifth Wall, and Conversion Capital.

Polly is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, age, color, national origin, religion, sex, gender identity, sexual orientation, marital status, pregnancy status, disability status, veteran status or any other legally protected status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Polly

View

Website

View Company Profile

Polly™ is revolutionizing the mortgage capital markets with its vertically integrated platform, featuring a patent-pending Product & Pricing Engine, hedge-agnostic Loan Trading Exchange, and advanced data analytics, all built in the cloud with modern technologies for enhanced security and scalability. The platform aims to automate and optimize the entire mortgage value chain, helping lenders of all sizes proactively scale their operations in a more flexible and configurable way.

Company Stage

Series B

Total Funding

$72.3M

Headquarters

San Francisco, California

Founded

2019

Growth & Insights

Headcount

6 month growth

↑ 12%

1 year growth

↑ 82%

2 year growth

↑ 66%

Benefits

Professional growth & upward mobility

Competitive salaries

100% paid medical/vision/dental/disability/life insurance

Unlimited PTO

Remote environment