Full-Time
Information Security Manager
Confirmed live in the last 24 hours
Cloud-based mortgage capital markets platform
Senior
Remote in USA
- 5+ years of enterprise information security or relevant technology experience, including with cloud technologies; B2B and SAAS preferred
- Deep understanding of risk management principles and strong understanding of incident management and security operations
- Expert-level experience in at least some of the following areas: access management in a cloud computing environment, vulnerability scanning, third-party risk assessment, SIEM management, business continuity or disaster recovery
- Familiarity of regulatory requirements such as GLBA and CCPA and frameworks such as NIST and ISO 27002
- Perform annual SOC2 compliance, penetration tests, and BCP/DR scenarios
- Own, develop, implement, and report to the Board of Directors on the short and long term security strategy and goals in alignment with Polly’s business objectives and culture
- Conduct in-depth security reviews and risk assessments of core corporate and production infrastructure to identify gaps, come up with recommendations, and implement proposed solutions
- Evolve Polly’s capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents
- Respond to security audits and security assessment requests
- Maintain awareness of current and emerging threats, specifically those within the financial services sector, to ensure cloud environments are properly secured, monitored and documented
- Oversee management of information security tools, contracts, documentation, policies and processes to ensure an operating environment that is sound, sustainable and compliant with company policies and requirements
- Assess and identify security controls for sensitive and regulated data, and refine and oversee Polly’s compliance programs aligned with SOC2
- Resolve security resource requirements including budget, staff, training needs and prioritization
- Ensure the appropriate development and delivery of end user security awareness training, effective reporting, as well as performance metrics; executes on security metric reporting to ensure business and senior leadership have a proper view of current security state and risks
- Define requirements and lead on evaluating and analyzing existing and new technology, platforms and applications to anticipate potential security gaps and concerns
- Own all documentation, process, and training surrounding Polly’s business continuity and disaster recovery abilities
Polly™ is revolutionizing the mortgage capital markets with its vertically integrated platform, featuring a patent-pending Product & Pricing Engine, hedge-agnostic Loan Trading Exchange, and advanced data analytics, all built in the cloud with modern technologies for enhanced security and scalability. The platform aims to automate and optimize the entire mortgage value chain, helping lenders of all sizes proactively scale their operations in a more flexible and configurable way.
Company Stage
Series B
Total Funding
$72.3M
Headquarters
San Francisco, California
Founded
2019
6 month growth
↑ 12%1 year growth
↑ 82%2 year growth
↑ 66%Benefits
Professional growth & upward mobility
Competitive salaries
100% paid medical/vision/dental/disability/life insurance
Unlimited PTO
Remote environment