Staff Security Engineer, Governance and Risk at SIMON
Want to work at the forefront of a fast-growing and award winning FinTech company? With an incredible team and partners looking for innovative results, we’re rapidly growing and continue to add new asset classes to our offerings. We are on the lookout for smart and collaborative talent to join our team. As a cloud-based company, we are currently operating in a flexible and hybrid work model.
SIMON is looking for a Security Engineer with 5-10 years of experience in Information Security Governance and Risk. In this role, the candidate will review and enhance security policies and procedures, identify and document required security controls, and develop metrics in a security governance program to effectively manage risk. The ideal candidate would be an individual contributor hands-on, comfortable working in small teams, and interested in continually researching to improve knowledge about SIMON platforms, tools, and risk.
How You Will Fulfill Your Potential
- Develop and manage the Security Governance and Risk program aligning with standards including NIST 800-39, 800-53, etc.
- Monitor and drive the rollout of the information security governance and risk reporting, ensuring that policies, controls, procedures, and resources are in place to effectively manage risk
- Implement information security reporting capabilities across key areas of identity and access, vulnerability, patching, third party security, cloud, security operations, data security and incident response
- Identify and track risks across the organization
- Coordinate and lead independent control evaluations including SOC2, Client Assessment, and internal control assessments
- Develop and Manage Security Collaterals (e.g. SIG) for client assessments and to aid in marketing and sales
- Stay current with industry standards, regulatory requirements, client requirements and best practices around IT including NIST, ITIL, COBIT, Cloud Security Alliance
- Collaborate with business and technology teams and management to recommend and identify controls for identified risks
What We’re Looking For
- Bachelor's degree in Computer Science, Technology, or an equivalent combination of education and work experience
- 5+ years of experience in risk management, information security
- Knowledge of key technology rules and regulations and technology risk management practices (e.g. NIST, CSA, Privacy, COBIT)
- Negotiation skills and highly collaborative planning ability
- Ability to influence and communicate effectively and impactfully
- Experience managing client assessments for Financial/Healthcare domain
- Certifications including CISA/CISSP/COBIT
We offer a competitive salary and benefits, the chance to work with a curated team of top-notch, highly creative talent, and a fun and agile work environment with many perks in New York City’s Hudson Yards district, but are operating remotely through at least summer 2021.
SIMON Markets is an award-winning fintech company that is committed to transforming the digital experience for financial professionals, enabling them to better serve their clients. SIMON’s intelligent and innovative platform delivers an end-to-end digital suite of tools to over 100,000 financial professionals, who serve $5 trillion in client assets, empowering them with on-demand education, an intuitive marketplace, real-time analytics, and lifecycle management.
With a focus on reshaping the advisor experience, SIMON is setting new industry standards, simplifying the complex, and delivering structured investment, annuity, and defined outcome ETF solutions to investment professionals, centralized within one unique ecosystem.
Originally incubated within Goldman Sachs, SIMON launched as an independently operating company in December 2018 under the shared ownership and direction of seven leading financial institutions—Barclays, Credit Suisse, Goldman Sachs, HSBC, J.P. Morgan, Prudential, and Wells Fargo. Growth equity firm WestCap became an investor in 2021. The company is headquartered in New York, NY, with an additional location in Birmingham, AL.
No matter which part of the team you join, there is something interesting to work on. Our front-end team is building out our web and mobile presence using React, Redux, and Webpack along with some very sophisticated data visualizations. Our back-end team is using Scala, Akka, Postgres and other open-source technologies to build a micro-services architecture that can scale to handle our ambitious roadmap. Our quantitative engineering team is researching and building novel financial strategies to widen our competitive advantage. Our dev-ops team is creating a development and production environment with Docker and Kubernetes to keep us nimble. Product Management sits in the middle of it all to make it happen.