Director, Information Security & Compliance
Notarize is a pioneering technology startup bringing the age-old paper-based notarization process online. We're empowering businesses to send, track, and collect notarizations, streamlining operations for countless industries. Our mission is to help our customers complete the most important transactions of their lives.
Securing the private information of our customers and maintaining their trust is of the utmost importance to our business success. Were looking to bring an action-oriented privacy expert to our team who is passionate about providing data security and compliance guidance.
As our first hire focused solely on security, youll shape our strategy, building and scaling our internal processes and activities to create a culture with a world-class focus on data security, and communicating on the subject to key stakeholders internally and externally.
What youll do as our Director of Information Security & Compliance:
- Craft a meaningful vision and select tools and processes that improve the security of Notarizes products, systems, and platforms
- Own daily security operations activities, such as incident identification, root cause assessment, progress tracking, and resolution reporting
- Lead our efforts to obtain and maintain SOC2 compliance, including working with our various delivery teams to develop operating procedures that incorporate key security practices
- Respond to vendor questionnaires and company RFIs
- Direct senior leaders, engineering and product groups in prioritizing roadmap items in order to balance security and business risks
- Manage periodic risk assessments, vulnerability assessments, and business continuity tests in accordance with best industry practices, including penetration testing and code reviews
- Keep up to date with security threats and cutting edge information security technologies, bringing that knowledge in as lessons to the company
- Collaborate with our legal and legislative teams to provide expert perspective and input on pending legislation and issues
- Periodically deliver customized security training to internal teams
- Assist our sales team in communicating our security practices externally to help us win new business
What were looking for:
- 7+ years of experience in technology, at least 3-5 with a direct focus on security
- Minimum of 3 years experience in product security for cloud-based SaaS company
- Familiarity with industry and compliance standards around information security and cyber risk management, such as NIST and ISO27001
- Demonstrated history of identifying security risks and developing solutions to eliminate or minimize those risks
- Thorough knowledge of software design, software, network architecture, protocols, and standards
- Deep understanding of a variety of Information Security tools and systems, including knowledge of advanced threat protection and infrastructure vulnerabilities
- Previous professional information security experience, with penetration testing or "breaker" experience preferred
- Solid understanding of cloud platforms and emerging information security disciplines (e.g. SaaS security, cloud security, IoT security, etc.).
- Strong business sense, with entrepreneurial or startup experience preferred
- Demonstrated ability to influence technical and non-technical audiences, including those at senior leadership levels
- Strong problem solving, customer service, and project management skills
Some of our benefits:
- Competitive salaries & equity
- Heavily subsidized medical, dental, and vision
- Unlimited PTO & flexible work schedules
- Small, cross-functional teams
- Strong emphasis on collaboration & mentorship
- Friday lunches & regular training sessions
- Seltzer & cold brew on tap
- Fun & easily accessible location (Back Bay, right near the Pru)
Notarize is committed to building an inclusive environment for people of all backgrounds and everyone is encouraged to apply. We are an equal opportunity employer and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We'd love to hear from you.