Manager of Information Security
Voted as one of the top companies to work for by Built in Boston in 2020, MineralTree is a disruptive Fintech enabling over 2,000 companies to improve operational efficiency with AP Automation. With our award-winning solution, companies such as the Boston Celtics, Appalachian Mountain Club, EverQuote, Baltimore Ravens and Attivio have shifted accounts payable from a source of inefficiency and fraud risk to a secure and strategic profit center that provides deep visibility into the cost drivers of the business. MineralTree sells its solution directly to customers and through value-added partners consisting of financial institutions, payment processors, and credit card providers.
We are a close-knit organization where everyone is working toward a common goal and where all contributions matter. With passion, teamwork and a good dose of humor, we drive toward challenging goals. We pride ourselves on our collaborative nature and always put the team above the individual. We’re looking for high-energy individuals who are ready to learn and take ownership of their career growth. This is an opportunity to join an early-stage company led by an experienced management team with a track record of building successful companies.
We are searching for an Information Security Manager to help manage Information Security activities within MineralTree, as well as, with our external auditors, vendors, partners and customers. This role is part project manager, auditor, and product manager; providing for a great variety of opportunity for growth. You will be comfortable working with a small team and on a wide range of responsibilities in a fast-growing software company.
Your Goals:
- Within three weeks you will be familiar with MineralTree’s Security Program
- Within one month you will have integrated with Security Program stakeholders throughout the organization
- Within three months you will be supporting MineralTree’s SOC 1, SOC 2+ (HIPAA), and PCI-DSS audits
- Within six months you will be making a direct organizational impact by expanding and improving MineralTree’s Security Program activities
Your Responsibilities:
- Collaborate with engineering and other teams to develop and manage policies and procedures concerning the SDLC, governance and security
- Project manage information security audit and compliance activities
- Provide effective communication of projects and tasks to the Information Security team and stake-holders in other departments
Your Experience:
- Five to ten years of relevant work experience
- Information Technology degree or equivalent experience
- Project Management Institute Certification in Risk Management (PMI- RM) or equivalent work experience
- Practical experience as a team member in a project or program where Security metrics were devised, delivered, and/or analyzed
- Strong analytical and problem-solving skills
- Familiar with formal risk management policies and procedures
- Spreadsheet expert
- Information Security, Audit or other Security related Certification is a plus!
- A background in business accounting is a plus!
- Familiarity with payments (e.g. PCI) is a plus!
As a regular full-time MineralTree employee you will enjoy a competitive salary, bonus and benefits for your peace of mind, such as -- Blue Cross Blue Shield medical and dental insurance, vision, life, disability and more! You will save for retirement through our 401K and have the opportunity for growth with our tuition reimbursement. We also know that talented people tend to hang together, which is why we provide you with the opportunity to earn significant referral bonuses. With hard work comes the need for time off, so we provide unlimited vacation giving you the opportunity to recharge. These are just a few of the great benefits we offer. We look forward telling you more about all of the great benefits and perks here at MineralTree!
MineralTree is an equal opportunity employer. We support the principle of equality of treatment in employment, and are committed to having procedures to determine equal pay for all our employees that do not discriminate and are free from bias.