Senior Information Assurance Analyst - DebtBook

Who We Are

DebtBook is an industry-leading fintech software platform that revolutionizes the way local governments, higher education, healthcare organizations and their finance teams work. Our powerful, cloud-based software helps these organizations manage all aspects of their debt, leases, and subscriptions, streamline financial reporting, and share information simply with others.

About the Role

As we continue our core mission of creating world-class debt and lease management software for governments, higher education, and non-profit organizations, we are furthering the maturity of our Information Security program by expanding our Information Security team.

The Senior Information Assurance Analyst is a new role we are adding to the team to be primarily focused on Information Assurance and Compliance (IAC) efforts within DebtBook. This includes facilitating the implementation and maintenance of relevant security controls, recommending improvements to address identified security deficiencies, and ensuring DebtBook’s ability to demonstrate properly implemented Information Security controls to customers and certification bodies. In this role, you will engage various cross-functional teams to drive compliance in a wide variety of security domains, including GRC, threat and vulnerability management, BC/DR, incident response, data security, IAM and endpoint security. 

What You’ll Do

• Core responsibilities (75%):
• Drive implementation and maintenance of security controls across SOC 1 & 2, CSA CCM and NIST 800-53 control frameworks
• Ensure organizational teams complete and maintain all process documentation and other evidence collection necessary to demonstrate continuous security control compliance
• Document and maintain evidence of the implementation of security controls directly owned by the Security team
• Develop and maintain information security policies across all relevant frameworks (SOC 1 & 2, CSA CCM, NIST 800-53)
• Serve as project manager for the Information Security team to ensure organization, documentation, tracking and timely completion of team priorities as set by Security team management
• Manage process for answering questionnaires supplied by potential customers regarding the state of DebtBook’s information security program
• Ad-hoc responsibilities (25%):
• Oversee DebtBook’s annual SOC audit by ensuring up-to-date evidence collection, interpreting and explaining in-scope security controls and evidence tasks as needed for organizational teams, and facilitating the completion of auditor requests made during the audit process
• Research, drive and/or implement improvements for DebtBook’s Information Assurance and Compliance efforts based upon gap assessments against relevant frameworks 
• Assist other security team members with projects as needed

What You Bring  

Your keen attention to detail, ability to balance multiple on-going projects, and broad knowledge of information security controls and best practices are the skills that will make you successful in this role. An effective communicator, you are also highly skilled in motivating teams across the organization to implement, maintain and improve compliance in their respective areas of responsibility. Requirements include:

• 7 years of Information Security, Information Assurance and/or Audit experience 
• CISA, GSNA, GCCC, or comparable certification preferred 
• Familiarity with security control frameworks such as CSA CCM, NIST 800-53 or SOC 1 & 2
• Experience documenting, tracking and advancing adherence to security controls and industry best practices as part of an overall organization information security program 
• Experience working with parallel business units within an organization to cooperatively advocate for adherence to relevant security controls and best practices within their respective areas of responsibility
• Experience driving multiple long-term projects to completion

Why DebtBook

Proud to be named one of the “Best Places to Work” by Charlotte’s Business Journal, DebtBook is a fast-growing company where we dream big, move fast, make an impact, and bring joy to everything we do. Our core values drive our success as an organization, and we are looking for talented teammates who share our passion for challenging the status quo, innovating in all we do, and wanting to make a difference.  

When it comes to benefits and perks, we are committed to supporting our employees’ well-being to make their lives better, both in and out of the office. We offer:

• Competitive salaries plus equity (stock options) for all employees;
• Comprehensive health, dental, and vision insurance, 401(k) with 4% employer match; 
• Flexible work schedules and generous leave policies (including unlimited PTO);
• Professional development opportunities and tuition reimbursement;
• Family and wellness perks;
• Monthly get-togethers;
• Stipends for remote workers to set up their ideal work space;
• Top-of-the-line equipment, and a newly furnished office.

DebtBook is an Equal Opportunity Employer. We value diversity and prohibit discrimination and unlawful harassment in the workplace. All applicants will receive consideration for employment based upon their qualifications without regard to race, religion, color, national origin, ethnicity, gender, gender identity or expression, pregnancy, sexual orientation, age, marital status, genetic information, political affiliation, National Guard or veteran status, disability, or any other protected status under federal, state, or local law. We welcome and encourage applicants with disabilities to contact our team for assistance during the application and hiring process. We are committed to expanding accessibility and making reasonable accommodations in accordance with applicable law.

#LI-Remote