Information Security Analyst

About the role

We are looking for an information security professional with 2+ years experience in technology operations, technology audit, or GRC. The successful candidate in this role will perform a variety of governance, risk, and compliance activities related to security. Examples of assigned activities will include perform risk assessments for SaaS applications, consulting with application owners to apply strong logical access controls, monitoring and reporting on the timely remediation of vulnerabilities, or gathering evidence to support audits or examinations. As a technology-driven financial services company, managing information security risk is critical to the trust that we foster with our clients, investors, and regulators. This role will operate within our Govern & Control team, which is a small independent (second line-of-defense) team which is integrated with the broader security program. The role reports to the Director of Information Security, and works closely with the security teams within engineering, lines of business throughout the company, and other risk management teams including Compliance and Legal. This role is based out of our NYC office. Below we've reflected the base salary range for this position. Actual salaries may vary depending on factors including but not limited to location, experience, and performance. The range listed is just one component of Betterment's total compensation package for employees. New York City: $115,000-$125,000 This job may also be eligible for variable compensation in the form of a company incentive bonus. A Day in the Life: Operates assigned risk management processes such as vulnerability monitoring, due diligence questionnaire completion, audit or examination evidence gathering. A number of AI and automation tools will be available to facilitate increasing efficiency and scale in this work over time. The role will have some flexibility for specialization among the team. Perform application-level risk assessments by interviewing and documenting the key business processes and risks related to an application, and providing guidance regarding strong logical access controls to reduce risk. When appropriate, document issues and foster management attention related to remediation for control deficiencies. Perform due diligence or ongoing monitoring activities to evaluate security risks introduced through third-party relationships or applications or tools used by employees. Contribute to security awareness training or phishing simulation activities for training of employees and contractors. Gather data and ensure management attention towards key risk indicator (KRI) metrics for security. Monitor assigned issues through regular follow-up and reporting to ensure management attention and timely remediation.

Requirements

• We are seeking a team member with 2+ years experience in technology operations, technology audit, or GRC. They will be a significant contributor to the security program.
• The following skills/competencies are required:
• You've operated security controls in an IT operations role, or served as a Staff or Senior-level auditor (in public accounting or internal audit), or previously worked in a security role successfully.
• You have knowledge and familiarity with the principles of security risk management, including the CIA triad, design and operation of controls, and one or more control governance frameworks.
• You have a familiarity with security controls applicable to cloud computing and third-party SaaS applications, including logical access management processes, third-party due diligence and monitoring, and more
• You have experience learning new skills, including through research and the use of AI and automation.
• What being at Betterment means for you
• We change lives
• Join a community of innovators working to transform financial outcomes for real people. Your work will make an impact, always laddering up to our mission: making people's lives better.
• We set audacious goals
• We set them for the company, our customers, and ourselves-and we won't stop until we reach them. We don't just show up; we give our all, then celebrate our wins.
• We value all perspectives
• When we collaborate, we're at our best. We believe diverse perspectives lead to better outcomes and strive to uphold our supportive and inclusive community.
• We invest in you with:
• A competitive suite of benefits, includin

Benefits

Additional Information

About Betterment Betterment is a leading, technology-driven financial services company that offers investing, savings and retirement solutions for retail investors and investment advisors as well as financial wellness solutions, including a 401(k) for small and medium-sized businesses. Our team is passionate about our mission, to empower people to build wealth with confidence and ease. We're headquartered in NYC and offer hybrid NY-based positions (four days/ week in-office, with no required office days during the summer and winter holidays).

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Betterment? Share your experience