Security Auditor
Founded in 2016, Better is a digital-first homeownership company whose services included mortgage, real estate, title, and homeowners insurance. We leverage creative technology and innovation to make the homebuying journey more approachable and understandable. Here are some interesting facts to help you get to know Better:
- From its founding in 2016 through 2020, Better funded $30.9B in home loans and provided over $7B in cumulative coverage through Better Cover and Better Settlement Services, the insurance divisions of Better
- Ranked #1 on LinkedIn’s Top Startups List for 2020 and 2021
- Ranked #2 on Fortune's Best Companies for Millenials 2021
- Fortune Best Workplaces for Women 2021
- People Magazine Companies that Care 2021
- Inc Magazine's Best Workplaces 2021
- Top Women Originators 2021
- Our Founder and CEO was named in Comparably's Top 25 CEOs for Diversity
- Better has raised over $400M in equity capital since inception
Our company is made up of driven, passionate people who bring their unique backgrounds and perspectives to everything we do. We are committed to fostering diversity, multiculturalism, and inclusion. We encourage individual potential rather than years of experience. We see the value in each person’s perspective, and recognize their talents, regardless of what the market says. We believe it’s important to nurture a company culture that encourages curiosity and passion—from employee resource groups and learning opportunities to team outings and community outreach.
Better is a family of companies. Better Mortgage Corporation provides home loans; Better Real Estate, LLC provides real estate services; Better Cover, LLC provides homeowners insurance policies; and Better Settlement Services provides title insurance services.
A Better opportunity:
Better is looking to hire a Security Auditor to join our security team. You will be responsible for auditing and making recommendations to bolster our current compliance disposition based on your findings.
Responsibilities will include:
- Liaise with external auditors during our annual audits that include, but are not limited to, PCI, SOC 2, SOC 1, SOX, and responses to State Regulatory questionnaires.
- Work with members of the security team and compliance teams to review external vendor security controls and make risk-based recommendations during the vendor onboarding process.
- Produce and update technical analysis/policy documentation on a regular basis.
- Perform audits of critical systems including but not limited to access provisioning/deprovisioning, admin recertifications, compliance with state and federal data laws, hardening guidelines, etc.
- Performing remediation vulnerability scans and working with other members of the organization on prioritizing and addressing vulnerabilities within SLAs.
- Assist with cybersecurity training efforts such as: performing onboarding training, yearly training campaigns, and email phishing campaigns.
- Working with GRC tools to track and report on compliance against multiple frameworks.
- This role is designated as ‘Remote Mode,’ and employees are not expected to report into a Better office at any time. Proof of COVID-19 vaccination is not required unless fully remote employees attend an onsite, in-person meeting, office event, or otherwise interface with Better employees and/or customers in person.
About You:
- 2 years minimum experience in a Security Auditing role
- 2 years experience with vulnerability management scanning technologies
- Familiarity with security detection tools SIEM, EDR, IDS/IPS etc.
- Prior experience with SOC 1 / 2, PCI, and/or similar audits
- Ability to create or improve upon processes, procedures, and policies
- Understanding of industry standards / frameworks (NIST, DISA, SOC2, ISO/IEC, etc)
- Experience with security awareness training programs
- Experience with enhancing auditing requirements to improve program capabilities
- Experience with cloud environments (AWS, Microsoft Azure, Google)
- Experience working in the Financial industry a plus
- Experience with CCPA, NY-DFS, GDPR is a big plus
- CISSP, CISA or similar certifications are a plus
- Risk management experience a plus (RMF, for example)
Job Req ID: JR101798
Better is requiring all US employees to be fully vaccinated in order to go into the office. Our priority is first and foremost the safety of our employees and we require COVID-19 vaccination to help ensure their safety in the workplace. Please note that Better will offer a reasonable accommodation process for employees who are not vaccinated for medical or religious reasons.
The Better mission is rooted in values that drive us.
- We do what’s in the best interest of the consumer, not ourselves
- We have growth mindsets, not fixed ones
- We believe that success lies in execution, not credentials
- We act like owners, not just employees
- We work to find answers on our own, not wait for them to be given to us
- We optimize for mission, not ego
Our mission speaks for itself—we continue to outpace the industry at every turn. We’ve joined forces in partnership with Ally Bank, and our backers have helped build some of the most transformative tech and finance companies in history. Kleiner Perkins, Goldman Sachs, American Express, Citigroup, Activant Capital, Ally Bank, and others have invested in our vision for what homeownership can be.
Better Benefits & Compensation
Our total rewards package consists of base salary, equity, benefits, and opportunity for yearly cash bonus. Some of our benefits include:
- Comprehensive healthcare, retirement, and voluntary benefits. Think medical, dental, vision, savings accounts, 401k, and more.
- Personalized care and tools for realizing your mental health and wellness goals
- Robust wellbeing offerings that allow you unlimited access to virtual fitness, meditation, yoga, cooking classes, homeschooling preparedness, physical therapy, and more.
- Unlimited time off (with manager approval)
- 12 weeks of paid parental leave after 90 days of employment, and 20 weeks after 24 months of service.
- Inclusive fertility benefits for you or your eligible dependents, regardless of participation in a Better medical plan.
Better is an equal opportunity employer. We do not discriminate on the basis of race, color, religion or religious creed, sexual orientation, gender, gender identity, marital status, family or parental status, disability, military or veteran status, or any other basis protected by law. If you require further accommodations or have questions regarding accessibility of our roles, please reach out to [email protected]. All employment decisions at Better are based on a person’s merit, business needs, and role requirements.
California Consumer Privacy Rights Notice for Job Applicants
Under the California Consumer Privacy Act (CCPA), Better is required to inform California residents who are our job applicants or prospective talent (together "job applicants") about the categories of personal information we collect about you and the purposes for which we will use this information. The notice contains disclosures required by the CCPA and applies only to personal information that is subject to the CCPA.