VP, Information Security

We are COMPLY.

For compliance people.

We pride ourselves on being the champion for compliance professionals. Merging technology, consulting and education, we help clients navigate the ever-changing regulatory environment. We serve more than 7,000 clients globally, through our solutions including ComplySci, RIA in a Box, National Regulatory Service (NRS) and illumis. We are a high-growth organization and have been recognized with numerous awards including by Inc. 5000, Institutional Asset Manager Awards, Private Equity Wire Awards, and the Women in Data & Technology Awards.

COMPLY is made up of 350+ professionals worldwide. In the US alone, we have team members in 45 states. Employees of COMPLY have access to comprehensive benefits, unlimited PTO, paid bonding leave and 100% remote work flexibility with a WFH stipend.

Come join our team of talented innovators working together to forge the next generation of compliance.

To learn more about COMPLY, visit COMPLY.com.

The VP of Information Security plays a key role in developing and executing our organization's information security strategy. You will be responsible for designing and implementing comprehensive security programs, managing security initiatives, and building a culture of security awareness and compliance throughout the organization. You have experience in SaaS businesses ensuring security and compliance of products that handle sensitive information. 

Responsibilities:

• Information Security Strategy: Develop and implement an information security strategy that aligns with the organization's objectives and regulatory requirements. 
• Risk Management: Assess and prioritize security risks and vulnerabilities and create plans to mitigate these risks effectively. 
• Security Policies and Procedures: Establish and maintain information security policies, standards, and procedures in accordance with best practices and industry standards. 
• Security Compliance: Ensure compliance with relevant laws, regulations, and industry standards, including but not limited to GDPR, HIPAA, ISO 27001, NIST, etc. 
• Incident Response: Develop and oversee an incident response plan, including breach response, and lead investigations as needed. 
• Security Awareness: Foster a culture of security awareness and compliance among employees through training programs, communication, and awareness initiatives. 
• Security Technology: Evaluate, select, and implement security technologies and tools, including firewalls, intrusion detection systems, and encryption. 
• Vendor and Third-Party Risk Management: Assess and manage the security risks associated with third-party vendors and service providers. 
• Security Audits and Assessments: Oversee security audits and assessments to identify vulnerabilities and ensure compliance. 
• Budget Management: Manage the information security budget, making cost-effective decisions that ensure the organization's security. 
• Security Reporting: Provide regular reports to executive management and stakeholders on the status of the organization's security. 
• Team Leadership: Build and manage a high-performing information security team. 

Qualifications:

• Bachelor's or Master’s degree in Computer Science, Information Security, or related field.
• 10+ years of experience in information security, with at least 5 years in a leadership role, ideally within a SaaS or FinTech organization
• Relevant industry certifications, such as CISSP, CISM, CISA, or similar
• Deep understanding of security risks, threat landscape, and best practices in the FinTech and SaaS industries
• Experience managing programs to maintain certifications like SOC2, ISO 27001, FedRAMP, CSA STAR or similar 
• Exceptional leadership and organizational skills. 
• Excellent communication and interpersonal abilities
• Strong analytical and problem-solving skills 

Nice to have:

• Experience working with software development and operations teams
• Understanding of security practices in agile software development
• Experience with cloud security (AWS, Azure, Google Cloud, etc.), APIs, and container security
• Expertise working with global teams in different geographies and time zones

Talk about company perks!

• Phenomenal Benefits: COMPLY Company offers a comprehensive benefits package, including full medical, dental, and vision coverage at little to no cost, unlimited PTO, discounts on pet insurance, and more!
• 100% Remote Flexibility: We offer a virtual onboarding experience with a stipend to help work-from-home set up your work-from-home office.
• Employee Centric Culture: We host virtual happy hours and team bonding events to keep our fun COMPLY culture alive.
• High Growth Startup: There is plenty of room for you to impact the organization and advance your career positively!

The compensation range for this role is specific to the United States and takes into account a wide range of factors that are considered in making compensation decisions including, but not limited to, skill sets, training, licensure and certification, and experience. A reasonable estimate of the base salary range for this role would be $185,000-$200,000 plus applicable bonus/benefits offerings, etc as those similarly situated within the Company.

COMPLY is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity, or national origin. Nothing in this job posting should be construed as an offer or guarantee of employment.