Information Security Specialist
ABOUT US
Founded in 2014 and having grown to 110 global team members, Supernova offers the industry’s first and only cloud-based, fully customizable, end-to-end software solution to automate securities-based lending (SBL) from origination through the life of the loan. By combining thought leadership in suitability and risk management with industry-leading education and the latest technology, Supernova enables advisors to deliver holistic, goals-based advice and to help their clients achieve financial wellness. We partner with the industry’s largest banks, most prominent insurance companies and leading online brokerages to democratize access to securities-based lending and better the entire financial ecosystem.
JOB DESCRIPTION
The Information Security Specialist is responsible for managing and maintaining the information technology and security stack at Supernova. This role also includes keeping updates on the latest security threats, patching, and responding to security alerts.
Supernova is headquartered in Chicago. However, this position is 100% remote eligible.
RESPONSIBILITIES:
- Serve as company’s security expert
- Architecture of security in AWS
- Establishing secure development culture
- Analyze system security on a variety of information systems, network devices (firewalls, routers, and switches), web server and database applications
- Perform risk assessments and security testing
- Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines)
- Support the certification and accreditation process for IT systems and networks, including preparation of key documentation and planning and conducting security tests and evaluations
- Track and monitor system vulnerabilities
- Enforce security policies and procedures by administering and monitoring security profiles, review security violation reports and investigate possible security exceptions, updates, and maintain and document security controls
- Provide direct support to the business and IT staff for security related issues. Educate IT and the business about security policies and consult on security issues regarding user built/managed systems
- Represent the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues
QUALIFICATIONS:
- Strong knowledge and hands on experience of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development
- Working knowledge of security best practices and standards such as ISO27001, ISO27002, HIPAA and Sarbanes Oxley
- Strong knowledge and hands on experience of vulnerability assessment, scanning and tools
- Strong knowledge and hands on experience in firewall configuration, management, and hardening
- Ability to analyze TCP/IP network traffic and event logs
- Strong problem-solving skills and ability to work under pressure
OUR CORE VALUES
At Supernova, we...
- Form, execute, and communicate new ideas that add value to our employees and customers
- Strive through obstacles and failures
- Follow-through on promises or commitments to others, accept responsibility, and answer for actions & decisions
- Listen to, understand, and support our employees and customers
- Act with speed, positive attitude, and flexibility
- Exceed expectations and surpass ourselves every day; we embrace a sense of pride and never stop growing