Information Security Analyst

Betterment, United States

Investing Made Better

About Betterment

Betterment is a technology-driven financial services company that offers services for spending and saving, alongside its core investing and retirement solutions. Since 2010, Betterment has had one mission: to help people make the most of their money so they can live better lives. Using cutting-edge technology, Betterment empowers its hundreds of thousands of customers to manage their money – for today, tomorrow, and someday – through personalized, expert advice; automated money management tools; and tax-smart strategies that help keep taxes low. Learn more www.betterment.com.

About the Role:

We are looking for an experienced professional to help manage information security risk. As a technology-driven financial services company, managing information security risk is critical to the trust that we foster with our clients, investors, and regulators. This role will operate within our Risk & Information Security team, which is a small independent team responsible for managing confidentiality, integrity, and availability (CIA) of information assets, within a risk appetite related to privacy and security. The team partners very closely with both engineering and other risk disciplines such as Compliance, Legal, and the Operations teams who manage fraud.

This role is remote eligible. Colorado has an annual starting salary of $140,000 a competitive equity package, health, dental and vision benefits, and a 401(k) offering. This job may also be eligible for variable compensation in the form of an incentive bonus. The actual pay may be higher depending on your skills, qualifications, and experience. 

A Day in the Life: 

  • Help develop and execute a number of risk management processes, and we have some flexibility for specialization among the team.
  • One important set of stakeholders you will work with are external auditors (for example, SOC-2 auditors) and regulatory authorities; You will provide evidence regarding the effectiveness of Betterment’s controls and to make improvements where necessary.
  • Work closely with the Product and Engineering organization to understand and iterate on our software development practices, consider industry guidance, and establish a threat modeling and risk assessment process. 
  • You may improve Betterment's Business Continuity and Disaster Recovery Planning (BCP/DR) program. This would include consultation with business units to document a business impact analysis (BIA) and coordinate updates to recovery plans for multiple business units.
  • Work with the IT team to improve and automate identity and access management administrative processes, leaning in to tools like federated identity management and single sign-on. You will also work with IT to select the right controls for our Macintosh workstation environment, employee-owned mobile devices, and SaaS business applications.
  • Because third-party risk is a growing concern in our business and industry, you will regularly evaluate the residual security risks of vendors and business partners. This will include reviewing various questionnaires and independent audits, and advising Betterment stakeholders on the associated risks.
  • Bridge the gap between our Enterprise Risk Management program and Security. This will include coordinating the reporting and analysis of security key risk indicators, making professional judgements regarding situations where we are not within an acceptable risk tolerance level, and status reporting for remediation and risk-acceptance plans for open issues.

What We’re Looking For: 

We are seeking a team member who is highly experienced in the Information Security risk management area, and will be able to take a leadership role in some of our program areas (such as TPRM, BPC, or Threat Modeling/Risk Assessment). They will drive decision-making on a day-to-day basis, and their work will be crucial to the overall impact of the Information Security program.

The following skills/competencies are required:

  • You’ve improved a security program by designing a risk management program area, and operated the resulting process successfully.
  • You have knowledge and familiarity with the financial services industry and associated regulations (e.g., GLBA, FFIEC, SOC2 AICPA Trust Principles, PCI, etc.)
  • You have familiarity with IT governance frameworks and standards (e.g., ISO27000, NIST Cyber Security Framework), and have used the framework to evaluate residual risk.
  • You have a basic level of familiarity with cloud security concepts and technologies (AWS services, Docker, Kubernetes), as well as typical corporate security controls (e.g., NIDS/NIPS, HIDS/HIPS, WAF, Network Firewalls, VPN, SIEM, DLP, etc.)

What Being at Betterment Means for You:

Joining Betterment means belonging to a community of folks passionate about change, being on a team that cares for your well-being, and continuing on a journey of non-stop growth and evolution. 

You’ll join a Community that Cares: 

  • Betterment is a place to bring your best self. We welcome families (and pets) for all our activities such as lunches, company retreats, and celebrations. 
  • Make meaningful connections with your peers through interest groups, sports clubs, social events, meetups, and regular knowledge sharing, all occurring in a remote friendly way.
  • Join one or more of our 8 Employee Resource Strategy Groups as a member or an ally, and help us shape Betterment’s culture and product for years to come.

You’ll stay Happy and Healthy:

  • We will ensure you're set up and cared for with a customizable workstation, enrollment in our 401(k) service, benefit packages that fit your needs (infertility and World Professional Association for Transgender Health approved benefits available), flexible parental leave, annual gym reimbursements and a whole suite of thoughtful benefits. 
  • You’ll have unlimited paid personal and vacation days, and a team that cares about your whole life, not just what you’re working on.

You’ll Learn & Grow:

  • Enhance your skills and abilities through Betterment University courses and additional allowance for outside learning. 
  • As part of a team that values knowledge sharing and transparency you can opt into mentoring and career coaching programs, weekly company meetings, and show & tells.

Please note that Betterment is dedicated to providing accommodations to candidates with disabilities. If you need accommodations at any point throughout the interview process, please reach out to [email protected] 

What Happens Next?

We expect to take a few weeks to review all applications. If we would like to spend more time with you, you will hear from us to arrange next steps. You can expect 3-4 sets of conversations, all remote, with your future colleagues in the weeks following your application.

Throughout the interview process, we’ll look to learn more about your skills, experiences, capabilities, and motivators. Many of our interview questions will be behavioral, aimed at understanding how you might operate here at Betterment. We may ask you to complete a case study exercise or technical assessments, depending on the role, as we aim to collect a robust set of data points throughout the interview process.

On average, it takes us around 2-3 weeks to make a hiring decision, depending on your availability and sense of urgency. As a best practice, we aim to interview at least 3 final round candidates before making a hiring decision.

Please note that we’re unable to offer individual feedback during the interview process. We usually see 1,000+ applications for open positions, and our hiring team simply doesn’t have the bandwidth to offer personalized feedback to each candidate. 

We recognize that interviewing for a new role is a big deal. We appreciate you giving us consideration as the next step in your career. Our Recruiting Team is here to support and advocate for you through the interview process, so please let us know how we can help. 

Come join us!

We’re an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants, or any other covered persons because of race, color, religion, creed, national origin or ancestry, ethnicity, sex, gender (including gender nonconformity and status as a transgender or transsexual individual), sexual orientation, marital status, age, physical or mental disability, citizenship, past, current or prospective service in the uniformed services, predisposing genetic characteristic, domestic violence victim status, arrest records, or any other characteristic protected under applicable federal, state or local law.

#LI-Remote #BI-Remote

About Betterment

Betterment is the largest independent online financial advisor with more than $9 billion in assets under management. The service is designed to help increase customers’ long-term returns and lower taxes for retirement planning, building wealth, and other financial goals. Betterment takes advanced investment strategies and uses technology to deliver them to more than 250,000 customers across its three business lines: direct-to-consumer, Betterment for Advisors, and Betterment for Business. Learn more

Be a Better Betterment Candidate

Learn skills and get an insider's look at Betterment when you watch classes taught by their top employees.

Want to learn more about Betterment? Visit Betterment's website.