Sr. InfoSec Manager
About the Role
We are seeking an Information Security Manager to join our team. This person will be responsible for managing and scaling Airbase’s processes and procedures related to information security and compliance. The role will require a deep understanding of the organization's proprietary technology, IT and SaaS tools, security policies and practices, and critical partnerships. This role will report to Airbase's General Counsel and act as the primary, hands-on, information security compliance resource for key business functions and initiatives. You would be joining a small team of experienced technologists and business people excited to be changing the experience of moving money in the US for everyone.
The ideal candidate will bring a high level of expertise in information security frameworks, controls and audit techniques. You can quickly understand the security operations and challenges in the current and future state of the business’s SOC1 & SOC2 compliance operations.
What You'll Do:
- Plan, build, and deploy an InfoSec roadmap and define the future of the department
- Take primary responsibility for the company’s regular SOC1 and SOC2 audits
- Communicate our compliance and security posture to relevant stakeholders including business partners, regulators, and customers
- Ensure IT and Engineering-managed systems remain compliant with best practices around information security
- Coordinate with internal stakeholders to ensure compliance and operational readiness for disaster recovery, data loss prevention, and critical incident response
- Maintain internal processes for delivery of all monthly, quarterly, and annual requirements for existing certifications and partnerships
- Coordinate regular review and revision of corporate policies relevant to compliance
What You'll Bring:
- You have 6+ years of experience in Risk Management, Information Security, and/or as a senior leader of compliance teams.
- Strong knowledge of common information security management frameworks, such as SOC2, ISO/IEC 27001, and NIST.
- Self-starter, comfortable completing hands-on work that will help us scale and automate future workflows.
- You are prepared to make decisions and move quickly.
- You are born operator with a love of collaborative problem solving and a passion for information security.
- You want to work in a very fast-paced and fluid small-team environment at a growing company.
- You have strong oral and written communication skills.
- You are able to work a flexible schedule with several hours of weekly meetings with US-based colleagues and customers.
We offer competitive cash compensation and equity. We're a remote team and are happy to work with candidates from anywhere in the world.