We’re a tech company that’s changing how people bank and think about their finances. We value empathy, curiosity, craft and efficacy. Our mission is to help people feel confident with their money. We do that by bringing humanity, elegance and ease to the consumer banking experience. And we make banking beautiful.
The Enterprise Risk Management team is responsible for ensuring that Simple maximizes shareholder value by managing business risks. We evaluate and know our business’ inherent risks, and independently advise on controls to protect shareholder value. The team includes experts in a variety of risk management fields, and works collaboratively across the business.
You will work closely with engineering, product, and operations personnel across Simple. Your relationship with engineers will be critical to your success, as you built rapport and trust, and influence the organization towards safety in our technology operations. You will also build relationships with other operational disciplines, including the team who manages IT for employees, customer support, risk (fraud), and marketing. You will lead a small team who performs at a high level, and is empowered to have a high impact, with your guidance.
You love building relationships, and have served clients either internally in a large organization, or in a professional services firm. You have a home computer lab, where you enjoy experimenting with operating systems, scripting, or vulnerability analysis. You enjoy staying up to date on the latest security news, and have a point of view on what coordinated disclosure should mean. You understand how bug bounty programs work, and may have submitted a vulnerability to one or handled incoming reports for one. You are interested in how different companies implement multi-factor authentication and anti-fraud controls, and may have opened an account or two just to see this in action.
What You’ll Do All Day:
As the Sr. Manager of Information Security at Simple, you’ll be responsible for managing risks to confidentiality, integrity, and availability across the business. You will make decisions that influence our policies and practices, how we serve customers, and how we use technology. You’ll be responsible for partnering with Engineering to ensure that we have sustainable and safe practices for building our product. You’ll develop policies and provide advice across the company as it relates to information security.
You’ll do this through:
- Leading a team by providing coaching, feedback and development.
- Representing Simple in the evaluation of security risk management practices and residual risk to stakeholders
- Providing input to Product Management and Engineering related to prioritization, scope, and design considerations
- Leading a periodic risk assessment process and make recommendations to ensure that decisions are made to ensure residual risk is within the tolerance of the business
- Providing oversight to Engineering and IT, ensuring that technical systems and processes manage risks appropriately
- Planning and directing the implementation of information security program areas, including: product security consultation, risk assessments, information security awareness, etc.
We’d Like To See:
- A minimum of 8 years information security related experience.
- 2-3 years previous management experience preferred.
- Experience managing projects or programs to achieve information security objectives.
- A relevant professional certification, such as CISSP or CISM is preferred
- Demonstrated exceptional written and verbal communication skills.
- Understanding of current technology and regulatory trends affecting financial institution information security programs.
- Knowledge of trends in technology in multiple areas.
- Demonstrated ability to analyze security and technology control effectiveness.
- Knowledge of trends in technology in multiple areas.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Strong leadership skills including the ability to build high performing teams and lead change.
- Bachelor's Degree or equivalent experience with a background in information security and/or business management disciplines.
We recognize the dire lack of diversity in our industry, and we’re not okay with it. We actively seek to address it with our hiring and retention processes, as well as our office culture. If you’re on the fence about whether you’re a fit, we say go for it, and apply!
Why Simple’s a Great Place to Work:
- Based in Portland, Oregon-- a beautiful place to live and work.
- Competitive salary and benefits package.
- A supportive and nurturing place to work. We actively consider how we can improve employees’ quality of life--both inside and outside the office.
- Committed to hiring quality human beings. Simple is a place where others will watch out for you and help you learn. We actually like and respect each other.
- We give a damn about what we do, both as individual contributors and as a company on a mission to change banking. We’re passionate and nerdy about our work; in fact we’re kind of that way about things outside of work, too.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire. Email our team at email@example.com if you need an accommodation in the application process.
A background check will be required for this opportunity.
Simple provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Simple complies with all applicable state and local laws governing nondiscrimination in employment in every location in which the company has employees. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
By submitting this application, you certify that the facts contained in your application are true and complete to the best of your knowledge. If you are employed, false statements on your application will be grounds for termination.