This job is no longer active - but you can still view the details below.

Head of Information Security Compliance

Greater NYC Area

Bread is a technology company that aims to transform the world of paper credit card applications and hidden interest rates by providing leading point-of-sale financing options for merchants across the e-commerce journey. We build tools, technologies and APIs that allow merchants to integrate an installment loan financing and checkout experience anywhere in their customers’ shopping journey. Bread was started in 2015 by financial technology veterans, and has experienced explosive growth to date. We’re backed by top investors including Menlo Ventures, Bessemer Venture Partners and Kinnevik, among others.


Bread is looking to hire a dedicated Head of Information Security Compliance. This role is critical to Bread’s core business of offering transparent financial products for merchants and consumers while maintaining the trust and confidence of our customers that we will protect their privacy and their personal information. You’ll be creating a robust, secure and compliant data regime to protect both the company and customers’ assets and privacy, while fostering a culture of security and compliance with the various department leaders and throughout the organization.


The Head of Information Security Compliance:

  • Oversees and coordinates information security risk management and compliance efforts across Bread, including departments such as Engineering, Information Technology, Human Resources, Legal, Finance and other groups
  • Drives the execution of the information security risk assessments and information security compliance initiatives and standards throughout the organization
  • Owns the development and administration of Bread’s information security policies, setting procedures and guidelines to ensure that all information systems are functional, secure and safeguarded throughout the company and are in compliance with privacy, customer trust and applicable information security laws and regulations
  • Works closely with key individuals throughout the organization to develop business cases for new security projects and provides appropriate expertise to manage associated information security risks
  • Provides leadership, technical expertise and administrative support for the development of Disaster Recovery and Business Continuity programs for the company
  • Leads information security risk management and compliance efforts related to strategic partnerships


Day to Day Responsibilities include:

  • Develop and maintain our internal information security risks and controls catalogue
  • Lead strategic partnerships and relationship-building in support of our ongoing security-compliance commitments such as SOC-1, SOC-2, PCI, and ISO27001
  • Drive resolution of information security gaps or control deficiencies, and help business owners prioritize remediation activities
  • Execute information security risk assessments for third-party vendors, and respond to information security diligence requests from external partners
  • Manage the information security relationship with key partners
  • Serve as the primary point of contact for information security audits and assessments for business partners/third-party vendors, and represent IT/Engineering across these exercises
  • Provide information security training and awareness to employees
  • Report on the state of information security control environment to the Governance, Risk and Compliance Working Group 


Preferred Background:

  • 7+ years of experience in information security compliance or information security risk management in financial services
  • Experience with implementing an Information Security Risk Management and Compliance Program (including information security policies management, information security risk assessments, information security governance, information security training)
  • Able to communicate security-related concepts to a broad range of technical and non-technical staff, acting as a bridge between IT and business process owners
  • Certification is required, such as CISA, CISM or CISSP
  • Knowledge and experience in the following information security areas:
    • Information security assessment and auditing procedures, from both technical and business perspectives, and the use of formal methodologies such as NSA IAM
    • Vulnerability scanning and auditing tools
    • Network security
    • E-commerce application security
    • Computer investigation and forensics methods and technologies
    • Secure messaging architectures
  • Knowledge of regulatory bodies, and information security and privacy related regulations and/or guidance issued by these bodies such as the FDIC, CFPB, FinCEN and Federal Reserve Board
  • Knowledge of privacy laws, such as GLBA, Regulation P
  • Experience working with Mac Endpoint tools such as JAMF, IAM tools such as Okta/Duo, and security tools such as Sophos and Qualys.
  • Strong project or program management experience
  • Proven ability to collaborate cross-functionally and desire to work closely with other members of the team
  • Strong verbal and written communication skills

Technology we use

  • Golang (Languages)
  • Javascript (Languages)
  • Flux (Libraries)
  • React (Libraries)
  • Redux (Libraries)
  • PostgreSQL (Databases)
  • Google Analytics (Analytics)
  • Confluence (Management)
  • JIRA (Management)
  • Trello (Management)
  • HubSpot (CRM)
  • Salesforce (CRM)
  • MailChimp (Email)
  • Marketo (Lead Gen)

Location

156 5th Avenue, 2nd floor, New York, NY 10010

An Insider's view of Bread

What are some social events your company does?

We love celebrating, whether it’s during our monthly happy hours, D&I events or our summer/winter holiday parties. Our team is extremely thoughtful about how we gather together to ensure everyone is excited about and included in all we do. It fosters collaboration in a more strategic yet relaxed way which helps build relationships.

Britney

Head of Employee Engagement

What projects are you most excited about?

A typical day at Bread is different depending on the engineer. While some engineers enjoy more autonomy, I enjoy collaborating on projects with other engineers and coming up with great solutions together. We strike a balance between stability and innovation through code reviews and guest lectures. I feel supported in my career growth here at Bread.

John

Software Engineer

How does the company support your career growth?

Bread encourages us to empower ourselves from the very start of our careers by offering every employee a stipend to seek educational resources and support. If you envision a role we don’t currently offer, or aspire to transition internally, we aim to give you the tools needed to meet your goal.

Gaby

Recruiting Coordinator

How do you collaborate with other teams in the company?

One of the great things about working at Bread is the cross-functional collaboration with other teams. As an integrations engineer, I have not only learned how to intentionally build a product in a thoughtful manner from the Engineering and Product teams, but also how to be effective in a client facing role from our Sales and Success teams.

Wei

Integrations Engineer

What are Bread Perks + Benefits

Bread Benefits Overview

100% Paid Health, Dental & Vision
Stock Options
Flexible Vacation Policy
Team Events
Weekly Lunches
Learning & Development stipend
Monthly Meditation
Bi-monthly Yoga
Bi-monthly chair massage
Life events and milestone celebrations

Culture
Volunteer in local community
Friends outside of work
Eat lunch together
Intracompany committees
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Someone's primary function is managing the company's diversity and inclusion initiatives
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Team workouts
We have in office yoga once a week!
Retirement & Stock Options Benefits
401(K)
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Bread provides employees with a flexible work schedule that includes flexible start and end times.
Family Medical Leave
Company sponsored family events
Bread sponsors family oriented events annually.
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Stocked Kitchen
Some Meals Provided
Happy Hours
Recreational Clubs
Relocation Assistance
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Bread offers employees professional development opportunities like annual individual budget for training, the ability to attend job related conferences and seminars.
Tuition Reimbursement
Diversity Program
Lunch and learns
Bread hosts lunch and learn meetings on occasion.
Promote from within
Continuing Education stipend
We offer $$$ annually for continuing education.