Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Senior Manager Of Information Security

Expired Job

Simple Portland , OR 97201

Posted 3 months ago

The Company:
Were a tech company thats changing how people bank and think about their finances.
We value empathy, curiosity, craft and efficacy. Our mission is to help people feel confident with their money. We do that by bringing humanity, elegance and ease to the consumer banking experience.
And we make banking beautiful.
The Team:
The Enterprise Risk Management team is responsible for ensuring that Simple maximizes shareholder value by managing business risks.
We evaluate and know our business inherent risks, and independently advise on controls to protect shareholder value. The team includes experts in a variety of risk management fields, and works collaboratively across the business.
You will work closely with engineering, product, and operations personnel across Simple.
Your relationship with engineers will be critical to your success, as you built rapport and trust, and influence the organization towards safety in our technology operations. You will also build relationships with other operational disciplines, including the team who manages IT for employees, customer support, risk (fraud), and marketing. You will lead a small team who performs at a high level, and is empowered to have a high impact, with your guidance.
About You:
You love building relationships, and have served clients either internally in a large organization, or in a professional services firm. You have a home computer lab, where you enjoy experimenting with operating systems, scripting, or vulnerability analysis.
You enjoy staying up to date on the latest security news, and have a point of view on what coordinated disclosure should mean. You understand how bug bounty programs work, and may have submitted a vulnerability to one or handled incoming reports for one. You are interested in how different companies implement multi-factor authentication and anti-fraud controls, and may have opened an account or two just to see this in action.
What Youll Do All Day:
As the Sr. Manager of Information Security at Simple, youll be responsible for managing risks to confidentiality, integrity, and availability across the business.
You will make decisions that influence our policies and practices, how we serve customers, and how we use technology. Youll be responsible for partnering with Engineering to ensure that we have sustainable and safe practices for building our product. Youll develop policies and provide advice across the company as it relates to information security.
Youll do this through:
Leading a team by providing coaching, feedback and development.
Representing Simple in the evaluation of security risk management practices and residual risk to stakeholders
Providing input to Product Management and Engineering related to prioritization, scope, and design considerations
Leading a periodic risk assessment process and make recommendations to ensure that decisions are made to ensure residual risk is within the tolerance of the business
Providing oversight to Engineering and IT, ensuring that technical systems and processes manage risks appropriately
Planning and directing the implementation of information security program areas, including: product security consultation, risk assessments, information security awareness, etc.
Wed Like To See:
A minimum of 8 years information security related experience.
2-3 years previous management experience preferred.
Experience managing projects or programs to achieve information security objectives.
A relevant professional certification, such as CISSP or CISM is preferred
Demonstrated exceptional written and verbal communication skills.
Understanding of current technology and regulatory trends affecting financial institution information security programs.
Knowledge of trends in technology in multiple areas.
Demonstrated ability to analyze security and technology control effectiveness.
Knowledge of trends in technology in multiple areas.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Strong leadership skills including the ability to build high performing teams and lead change.
Bachelor's Degree or equivalent experience with a background in information security and/or business management disciplines.
We recognize the dire lack of diversity in our industry, and were not okay with it.
We actively seek to address it with our hiring and retention processes, as well as our office culture. If youre on the fence about whether youre a fit, we say go for it, and apply!
Why Simples a Great Place to Work:
Based in Portland, Oregon-- a beautiful place to live and work.
Competitive salary and benefits package.
A supportive and nurturing place to work.
We actively consider how we can improve employees quality of life--both inside and outside the office.
Committed to hiring quality human beings. Simple is a place where others will watch out for you and help you learn.
We actually like and respect each other.
We give a damn about what we do, both as individual contributors and as a company on a mission to change banking. Were passionate and nerdy about our work; in fact were kind of that way about things outside of work, too.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire. Email our team at if you need an accommodation in the application process.
A background check will be required for this opportunity.
Simple provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Simple complies with all applicable state and local laws governing nondiscrimination in employment in every location in which the company has employees. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
By submitting this application, you certify that the facts contained in your application are true and complete to the best of your knowledge. If you are employed, false statements on your application will be grounds for termination.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Information Security Analyst

Portland General Electric

Posted 2 weeks ago

VIEW JOBS 11/4/2018 12:00:00 AM 2019-02-02T00:00 APPLICATION DEADLINE: OPEN UNTIL FILLED For over 125 years, Portland General Electric has proudly served Oregon. Our dedication to helping customers is matched by our commitment to providing PGE employees with a diverse array of rewarding career opportunities. Diversity and community are at the heart of what we do for our customers and for each other. We are committed to a team that looks like the Oregon community that we know and love. PGE team members are creative problem solvers who love to apply themselves to challenges, big and small. We are looking for team members who will grow their skills, their career and their future with us. Senior Information Security Analyst (R18-426) The Senior Security Assurance Analyst performs at a senior level within a team of Security professionals who are responsible with the assurance and protection of organizational information assets. This position assesses complex IT systems, develops remediation plans, and recommends and implements processes improvements to Information Security Program efforts. The senior analyst will contribute expert knowledge to the continued development and maturity of policies, procedures, standards, and guidelines to protect the confidentiality, integrity and availability of PGE's systems, services, and data. You will support our journey by: * Risk / Security Assessment (75%) - Perform assessments of vulnerabilities and threats to PGE assets. * Validation testing of management, operational, and technical security controls to identify threats and mitigate vulnerabilities to PGE's IT infrastructure; monitor industry developments and make recommendations for security practice improvements. * Implements PGE's IT risk management framework to effectively manage information security risks to PGE's environment. * Plan and schedule regular vulnerability assessments, penetration tests, technical risk assessments, and compliance reviews of PGE's Key IT infrastructure components and applications based on the criticality and perceived risk of the applications/services. * Facilitates the review of controls implemented by PGE and assesses them based on defined policies and standards. * Consulting Services (20%) – Provide professional consulting services to clients within IT as well as other PGE lines of business to assure new and on-going projects are securely planned and implemented. * Technical Expertise – Provide PGE management and business clients with technical expertise and analysis on information security trends to protect the organization from internal and external threats. * Education & Training – Provide educational material as necessary to raise awareness of security issues and improve compliance with policies, procedures, standards, and guidelines. * Tier III Incident Response / Investigations (5%) – * Manage Tier III Incidents; including communicating with external contacts/counterparts in other companies when incidents occur. Analyze and perform complex technical troubleshooting; prepare reports and assist in gathering/providing data on IT security incidents. * Recover and examine data from computers and other electronic storage devices for use in investigations to violations of company policy, or state/federal laws. You will bring the following skills to our team: Minimum Experience Requirements: * Typically a Bachelor's Degree in Business, Computer Science, Engineering Management or equivalent work experience in related discipline. * At least 10 years of hands-on experience in the IT industry working with complex, large-scale IT technical environments. * At least 7 years of hands-on experience within the CISSP 8 domains. (5 years with a Bachelor of Science (BS) degree in a related major) including aspects of operations, support, security testing, vulnerability and threat assessment. Compliance / Controls / Methodologies: * Demonstrated understanding and implementation of established IT frameworks & methodologies (e.g. NIST 800 series, ISO 27000 series, etc.). * Demonstrated success in the management and reporting of compliance environments such as: * Payment Card Industry Data Security Standard (PCI DSS) * Health Insurance Portability and Accountability Act (HIPAA) * Federal Information Security Management Act (FISMA) * DoD Information Assurance Certification and Accreditation Process (DIACAP) * Sarbanes Oxley Act (SOX) * Critical Infrastructure Protection (NERC CIP) Minimum Security-Related Certification Requirements (or within 6 months of hire): * Certified Information Systems Security Professional (CISSP) – (ISC)2 Preferred Certifications: (Ideally two or more certifications from these security and risk-related areas) Risk Management, Auditing and/or General Security practice * Certified Information Systems Manager (CISM) – ISACA * Certified Information Systems Auditor (CISA) - ISACA * GIAC Information Security Professional (GISP) - SANS Forensic Certification * GIAC Certified Forensic Analyst (GCFA) - SANS * Certified Computer Forensics Examiner (CCFE) - IACRB * Certified Computer Examiner (CCE) – ISFCE * Certified Hacker Forensic Investigator (CHFI) - EC-Council Networking Certification * Cisco Certified Network Administrator / Professional (CCNA / CCNP) - Cisco Server OS Certification * Microsoft Certified Systems Administrator / Engineer (MCSA / MCSE) - Microsoft * Microsoft Certified Information Technology Professional (MCITP) - Microsoft * Red Hat Certified Systems Administrator (RHCSA) - Red Hat * Red Hat Certified Engineer (RHCE) - Red Hat Other * Certified Ethical Hacker (CEH) – EC-Council * GIAC Certified Incident Handler (GCIH) - SANS Join us today and power your potential! PGE is committed to diversity and inclusion in the workplace and is an equal opportunity employer. PGE will not discriminate against any employee or applicant for employment based on race, color, national origin, gender, gender identity, sexual orientation, age, religion, disability, protected veteran status, or other characteristics protected by law. To be considered for this position, please complete the following employment application by the deadline: If you have any questions, please feel free to call us at 503-464-7250. PGE believes in rewarding strong performance. We provide a total compensation package that is designed to reward your contributions to the company, and, at the same time, support your well-being and professional development, both now and into the future. Assisting with storms or other Company emergencies is a part of all positions at Portland General Electric. Talent Acquisition Contact: Nicole Seroyer 503-464-7250 Connect with us on Twitter (, Facebook ( and LinkedIn ( THIS IS AN INTERNAL / EXTERNAL JOB POSTING Portland General Electric Portland OR

Senior Manager Of Information Security

Expired Job