About
About the Role We are looking for an information security professional with 2+ years experience in technology operations, technology audit, or GRC. The successful candidate will perform a variety of governance, risk, and compliance activities related to security, including risk assessments for SaaS applications, consulting with application owners to apply strong logical access controls, monitoring and reporting on the timely remediation of vulnerabilities, and gathering evidence to support audits or examinations.
As a technology‑driven financial services company, managing information security risk is critical to the trust that we foster with our clients, investors, and regulators. This role will operate within our Govern & Control team, which is a small, independent (second line‑of‑defense) team integrated with the broader security program. The role reports to the Director of Information Security and works closely with the security teams within engineering, lines of business throughout the company, and other risk‑management teams including Compliance and Legal.
Base salary (NYC): $115,000‑$125,000. This position may also be eligible for variable compensation in the form of a company incentive bonus.
A Day in the Life
Operate assigned risk‑management processes such as vulnerability monitoring, due diligence questionnaire completion, audit or examination evidence gathering, and use AI and automation tools to enhance efficiency.
Perform application‑level risk assessments by interviewing and documenting key business processes and risks related to an application, and provide guidance on strong logical access controls to reduce risk.
Conduct due diligence or ongoing monitoring activities to evaluate security risks introduced through third‑party relationships or applications/tools used by employees.
Contribute to security awareness training or phishing simulation activities for employees and contractors.
Gather data and ensure management attention toward key risk indicator (KRI) metrics for security.
Monitor assigned issues through regular follow‑up and reporting to ensure timely remediation.
What We’re Looking For We are seeking a team member with 2+ years of experience in technology operations, technology audit, or GRC, and who will be a significant contributor to the security program.
Skills and Competencies Required
Operated security controls in an IT operations role, or served as a staff or senior‑level auditor (in public accounting or internal audit), or previously worked in a security role successfully.
Possesses knowledge of security risk‑management principles, including the CIA triad, design and operation of controls, and one or more control governance frameworks.
Has familiarity with security controls applicable to cloud computing and third‑party SaaS applications, including logical access management processes, third‑party due diligence and monitoring, among others.
Has experience learning new skills, including through research and the use of AI and automation.
Benefits
A competitive suite of benefits, including medical, dental, and vision insurance; life and AD&D insurance; STD and LTD benefits, including infertility support and World Professional Association for Transgender Health approved benefits; and generous parental leave.
Flexible paid time off (and encouragement to use it!)
Meaningful opportunity for community building through our 7 Employee Resource Groups
Empowerment to own and lead change and affect the business
Dedicated professional development opportunities
Lunch from our in‑house chef at our NYC headquarters
EEO & Legal Notices Betterment is an equal‑opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants or other covered persons because of race, color, religion, creed, national origin or ancestry, ethnicity, sex, gender (including gender nonconformity and status as a transgender or transsexual individual), sexual orientation, marital status, age, physical or mental disability, citizenship, past, current or prospective service in the uniformed services, predisposing genetic characteristic, domestic violence victim status, arrest records, or any other characteristic protected under applicable federal, state or local law.
Betterment participates in E‑Verify. We will provide the Social Security Administration, and if necessary, the Department of Homeland Security, with information from each new employee’s Form I‑9 to confirm work authorization. Please note that we do not use this information to pre‑screen job applicants.
We collect and store personal information for the purposes of candidate tracking for this role and future opportunities. The information you provide in the course of completing your application will be kept for up to 24 months. We use tools provided by third‑party service providers but do not share candidate information for any purpose other than recruiting. To access the data that is collected, request deletion or to make updates to your candidate profile, please email team.hire@betterment.com.
#J-18808-Ljbffr
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.