Director, Information Security (Remote, US)
Other Jobs To Apply
- Responsible Safety and Security Engineer
- Cybersecurity Technical Support Associate (Eastern Time Zone)
- iOS Developer Full-time / Remote (CST or EST time zone) – 1553
- Senior iOS Developer /Swift/ Remote / Part-time /Freelance/
- IOS Remote
- Internal Audit Manager, Compliance - RJB- Hybrid or Remote
- Senior Internal Auditor - Remote
- Career Opportunities Getinge Group: Internal Auditor, Corporate Quality (Remote US) (35658)
- Intelligence Analyst - Falcon Recon (Remote)
- Open Source Intelligence Analyst
- Intelligence Analyst - Falcon Recon (Remote)
- Senior Life and Disability Underwriter
- Renewals Underwriter (Fully Remote)
- Remote - Project Manager / Lead Financial Consultant
- Atlanta Based In-House Corporate Counsel (Primarily Remote, Contract)
- Atlanta Based In-House Corporate Counsel (Primarily Remote, Contract)
- SEC Reporting Counsel (Remote, Part-Time)
- Legal Assistant/Paralegal (AOS) - Business Immigration Law
- Remote, Contract-based Immigration Paralegal Opportunity - 5+ Hours/Week
- Remote Compliance Paralegal- Immigration
- Experienced HVAC Technician
- HVAC Installation and Product Support Specialist (Remote, US)
- HVAC Tech Support (Remote - US)
- Fully Remote Part-Time Colorado Therapist
- Adjunct (Health & Human Services)
- Direct Care/Human Services-Behavioral Programs
- Human Resources – Analytics | Maximus | Remote (US)
- Associate Director, HR- Central Operations
- Human Resource Generalist Remote / Telecommute Jobs
- RN, Acute Care Home Hospital part time
- HR Assistant (REMOTE)
- Part Time HR Assistant, Home Care (Remote)
- Clinical Nurse Auditor, HEDIS *Remote*, Part Time WA OR
- HEDIS Nurses (RN/LVN/LPN) *Remote*
- HEDIS Nurse
- REMOTE Healthcare Provider Recruiter
- Healthcare Recruiter - Remote - 100% Commission - Partnership Opportunity!
- Health Care Recruiter - Remote
- Data Input Specialist – Healthcare Information Systems
- Reporting Analyst, Healthcare - Remote CA
- Post Acute Network Program Manager (Remote) (Must Reside in MI)
- Experienced Lead Electronic Health Records Technician – Remote Health Information Management Specialist
- Experienced Lead Electronic Health Records Technician – Remote Health Information Management Specialist
- HIM & Education Specialist - Remote from ANY state!
- Tumor Registrar Remote- Per Diem
- HCC Risk Adjustment Coder
- Remote, HCC Medical Coders (5873)
- HCC Coding Specialist
- Pharmacy Fraud Investigator-Remote
Why Openly
Openly is rebuilding insurance from the ground up. We are re-envisioning and enhancing every aspect of the customer experience. Doing this requires a rapidly growing team of exceptional, curious, empathetic people with a wide range of skill sets, spanning technology, data science, product, marketing, sales, service, claims handling, finance, etc.
The Openly Difference
We created Openly because we saw an evident gap in the market for premium insurance made simple. Consumers deserve more complete coverage at competitive prices.
- The Price Difference: Using cutting-edge data and technology, we provide you with customizable, competitive prices to protect your most valuable assets.
- The Policy Difference: Coverages are truly customizable to meet your individual protection needs, for both standard coverages and optional add-ons.
- The Experience Difference: From tailored claims handling to highly responsive customer service, we are focused on making the home insurance purchasing process a better overall experience.
Welcome to your next adventure.
At Openly, our people are just as important as our product. For us, collaboration, communication, and work-life balance are more than nice-to-haves— they’re the must-haves that make us who we are. We believe a great company is the result of a shared set of values, so we look for these qualities in every candidate we hire.
- Integrity
- Empathy
- Teamwork
- Curiosity
- Urgency
We've designed our hiring process with you, the candidate, in mind. At every step, you have the chance to present your strengths and learn more about what makes Openly a great place to work.
We're committed to Diversity, Equity, Inclusion
We embrace individuality and believe diverse teams are winning teams. Our commitment to inclusion across race, gender, age, religion, identity, and experience drives us forward every day.
Job Details
As the Director of Information Security at Openly, you will be responsible for maintaining and maturing the company's security program. This involves collaborating with cross-functional teams to identify and mitigate risks, establishing security policies and procedures, and ensuring compliance throughout the organization. You will apply a risk-informed approach to security and compliance, enabling the business to operate safely and securely.
Key Responsibilities
- Develop and execute a comprehensive information security roadmap in collaboration with technology leadership and compliance leadership.
- Provide oversight for security governance and risk management, including risk assessments, vulnerability management, and incident response planning.
- Promote a culture of security awareness throughout the organization by conducting training sessions and awareness campaigns.
- Provide regular updates and reports to senior management and stakeholders on the state of information security within the organization.
- Lead SOC II Type II audit including audit coordination, controls, and evidence collection.
- Evaluate and manage security risks associated with third-party vendors and service providers.
- Establish and maintain information security policies, standards, and procedures in compliance with relevant industry regulations (e.g., GDPR, PCI DSS, state Insurance Data Security laws) and best practices.
Qualifications
- Education: BS degree in Computer Science, IT, related technical discipline or equivalent years of experience.
-
Experience
- 8+ years of experience in information security roles with a balance of management, compliance, and technical expertise.
- Proven management abilities
- Experience guiding and growing teams of teams, balancing security, compliance and engineering needs with the needs of the business.
- Demonstrated ability to leverage resources and teams to deliver multiple projects from start to finish in reasonable overlapping time frames
- Experience developing a strategy or roadmap for your teams
- Proven experience leading SOC II audits and evidence collection
- Familiarity and willingness to work with Agile methodologies
- Excellent written and verbal communication
- CISSP, CISM, or other cybersecurity certifications preferred, but not required
- Working knowledge of one or more public cloud technologies (AWS, Azure, Google Cloud) and information security in a hybrid cloud environment
- Risk management experience
- Knowledge of PCI Data Security Standards including scoping and implementation
- Working knowledge of PAM, SIEM, SSO, WAF, endpoint detection, and email threat management technologies
- Startup or SaaS and remote work experience preferred
-
Leadership
- Defaults to a collaborative mindset to work with multiple stakeholders to maximize our resources
- No Egos - focuses on the best outcomes for the security, engineering, and IT teams and the company over ownership of any particular project, process, or people, demonstrating high engagement and low attachment
- Comfortable making decisions,owning and being accountable for results
- A high level of comfort navigating and making decisions and recommendations in environments of ambiguity
- Bias towards action over perfection
- Ability to juggle both a long term investment approach and an iterative approach to address immediate needs while understanding long term implications
- When presented with a complex problem, process, or existing system, you can consistently reduce the complexity to get more done with less work
- Passion for fostering DEI to build effective, capable teams
-
Technical Acumen
- A breadth of knowledge and experience across the information security domain, with familiarity in a combination of endpoint, email, network, identity management, cloud security; vulnerability management; incident response; and threat intelligence.
- Extensive experience with common security tools - e.g., EDR, MDR, SIEM, CSPM, email security, web filtering, and threat intel platforms.
- Experience with incident management and security operations including analyzing and responding to security events, such as conducting log analysis, developing queries and analytics, troubleshooting security issues, and correlating complex data sets.
- Experience with Okta, Google Workspace, Jira, and other SaaS applications.
- Experience with public cloud infrastructure (e.g. GCP, AWS) implementation and architecture.
- Knowledge of scripting languages.
- Knowledge of Terraform or other infrastructure-as-code frameworks.
- Knowledge of version control systems (Github, Git, etc.).
Our stack (for reference)
We do not expect competency in this stack to be successful, but awareness in security concerns associated is a plus:
- Backend/Core: Go Postgresql
- Frontend: Browser-based, VueJS, Webpack, Nuxt , Tailwind
- Research/Data Science: R, ArcGIS, H2O, Python
- Infrastructure: Google Cloud, specifically Cloud Run, Cloud Build, and CloudSQL, managed with Terraform. We use GitHub for code hosting and CircleCI for running our CI/CD pipelines.
- Remote work tools: Slack, Zoom
Compensation Benefits:
The target salary range represents the budgeted salary range for this position. Actual compensation for this position will be determined based on the successful candidate's experience and skills. We are committed to providing a compensation package that not only reflects the responsibilities and requirements of the role, but also the unique expertise that the chosen candidate will bring to our team.
The full salary range shows the min to max salary range for this position. Actual compensation will be commensurate with experience and qualifications and determined based on various factors including the candidate's qualifications, skills, and experience.
Benefits Perks
- Remote-First Culture - We supported #remotelife long before it was a given. We'll keep promoting it.
- Competitive Salary Equity
- Comprehensive Medical, Dental, and Vision Plan Offerings
- Life and disability coverage including voluntary options
- Parental Leave - up to 8 weeks (320 hours) of paid parental leave based on meeting eligibility requirements
(Birthing parents may be eligible for additional leave through STD) - 401K Company Contribution - Openly contributes 3% of the employee's gross income, even if the employee does not contribute.
- Work-from-home stipend - We provide a $1,500 allowance to spend on setting up your home workplace
- Annual Professional Development Fund: Each employee has $2,000 in professional development (PD) funds to spend on activities or resources annually. We want each Openly employee to achieve personal and professional success and to feel supported, confident, and informed about improving their efficiency and productivity.
- Be Well Program - Employees receive $50 per month to use towards your overall well-being
- Paid Volunteer Service Hours
- Referral Program and Reward
Depending on position, Employees generally are eligible for cash incentive compensation, including commissions for sales eligible roles. In all cases, eligibility for compensation and benefits is subject to applicable plan and policy terms in effect from time to time.
U.S. Citizens, Green Card Holders, and those authorized to work in the U.S. for any employer and currently residing in the US will be considered.
Openly is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any characteristic protected under applicable law. Openly is an E-Verify Employer in the United States. Openly will make reasonable accommodations for qualified individuals with known disabilities under applicable law.
We strive to provide an exceptional applicant and candidate journey when you engage with us. In an effort to respond to applicants in a timely manner, we leverage AI to organize applications and resumes based on required and applicable skills and experience. To allow our applicants to drive their initial interview experience with us, we may leverage an AI-supported scheduling tool so you can choose when to meet with our team. While AI assists with efficiency, all hiring decisions are made by our team members. Rest assured, your data is protected according to privacy laws and company policies. Contact our recruitment team with any questions about our AI-assisted hiring process.
