Demyst has developed a next generation data access platform that helps tier-1 banking and insurance customers discover, access and productionalize 3rd party datasets. Our customers trust us with incredibly sensitive data and we take that responsibility very seriously.

The Manager of Information Security is responsible for the definition, documentation and management of all Demyst information security policies. A successful candidate will be able to work across the company, bridging multiple disciplines, up and down the organization.

  • Work collaboratively to define and manage network security and data security best practices
  • Review and provide weekly reports on generated security events
  • Maintain policies around and lead the the organization through Demyst’s yearly SOC2 security audit
  • Oversee and direct a variety of security risk assessments, providing advisory support to corporate/studio contacts on the evaluation of risks, development of remediation plans, and work with stakeholders to define and implement process enhancements
  • Develop, implement and manage information security training and awareness for all employees, ensuring compliance and understanding with the policies and procedures.
  • Coordinate Risk Assessment and Business & Continuity planning and testing
  • Work with customers to map their information security requirements to Demyst’s
  • Identify and communicate information security, compliance and and other security issues to internal stakeholders
  • Define and audit data partners IT and Information Security standards
  • Oversee the Information Security Management function, including the development, documentation, implementation, operation, and maintenance of an information security program, and manages ongoing activities to preserve the availability, integrity, and confidentiality of organization information resources in compliance with applicable security policies and standards
  • Safeguard the organization’s computers, networks, and data against threats, such as security breaches, computer viruses, or attacks by cyber-criminals, avoiding loss of confidential information, lost revenue, and fines from regulatory agencies for failing to protect data
  • Communicate regularly with other managers, and bring the organization’s information security risks under explicit management control

REQUIREMENTS

  • 4-year degree from an accredited university in finance, computer science, engineering, business or related combined work/education experience
  • 2-3 years experience managing information security compliance programs
  • Strong quantitative and analytical skills; proven ability to track and successfully complete complex programs
  • Strong understanding of security requirements in the application development life cycle
  • Experience in guiding teams or individuals to strengthen their implementation and effectiveness of the security controls in a very fast paced, complex, and demanding environment
  • Experience in organizing change management, awareness and training for end users
  • Strong technical management skills in overseeing security assessments of external service providers, providing security guidance, and overseeing mock security breach exercises
  • Previous experience going through a SOC2 audi

Preferred:

  • Professional Certification: CISSP, GIAC, CISA, CRISC, CISM
  • Experience working at a startup or small, fast paced
  • Experience working within a global, IT organization

BENEFITS

  • Put your own mark on the process
  • Stretch yourself to help define and grow something entirely new that will impact billions
  • Gain exposure to a company that has more institutional knowledge in emerging “big data” access that perhaps anyone in the market, learn quickly
  • Be with the client solving problems, not filling in forms
  • Small enough where you matter, big enough to have the support to deliver what you promise
  • Generous benefits & competitive compensation

Apply here