Chief Information Security Officer, MeridianLink
$269.6-346.1k
+ Potential For Equity-Based Awards
Lending software provider
Open for applications
Lending software provider
501-1000 employees
Open for applications
$269.6-346.1k
+ Potential For Equity-Based Awards
501-1000 employees
Company mission
To be the most trusted financial services technology platform.
Role
Who you are
- Bachelor’s degree in a relevant field or equivalent years of experience is required. Equivalent years of experience are determined as one year of technical experience for every year of college requested
- Minimum 10 years of experience in Enterprise Information and Product Cyber security
- Strong knowledge of Secure Development Lifecycle and CI/CD automation tools (TF, Git, Jenkins)
- Knowledge of regulatory and standards-based compliance related to cloud and mobile applications, and data confidentiality (e.g., GDPR, FEDRAMP/FISMA, SOC 2, and ISO 27001, etc.)
- Experience with the application of risk identification and evaluation techniques
- Advanced knowledge of Cyber Security and full knowledge of multiple (full-stack) related engineering functions
- Preferred experience with securing cloud architectures (Azure/AWS) and/or Kubernetes
- Preferred experience leading red/blue security teams and working with engineering teams to remediate findings
- Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager Certification (CISM) is required
- Experience with Financial services or Software-as-a-Service (SaaS) companies
What the job involves
- The Chief Information Security Officer will lead MeridianLink’s information security functions
- This position provides leadership and oversight for MeridianLink’s security program
- Responsible for both IT security operations, and information security compliance with a focus on MeridianLink’s product security architecture and SaaS security operations
- The position will work with peers in Engineering, Enterprise Architects and the Product Owners to provide technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions
- Technical experience to lead on architectural and technical security by design
- Develop strong working relationships with technology and business partners across multiple locations in support of security, compliance, and audits for the organization
- Provide strong positive and collaborative leadership to executive teams, other departments such as engineering, product management, legal, support, and IT. Also, lead and manage Information Security teams composed of internal and external resources
- Take initiative to identify gaps and changes required to address security threats and compliance with products
- Present risk information to executives and advise on remediations
- Responsible for the review and certification of all back up and disaster recovery plans
- Oversee the secure development, design and implementation of new applications and changes to MeridianLink SaaS applications
- Direct and manage computing and information security plans, policies, programs and project schedules
- Continue to build and enhance secure application design and development policies and practices
- Partner with IT to ensure that the technical and security needs of internal systems and services are met
- Develop and maintain security policies and procedures including, but not limited to, incident response plans, business continuity plans, etc
- Lead the implementation and operation of security services such as vulnerability assessment, threat monitoring and incident response
- Oversee security design and architecture including IaaS and PaaS cloud migrations
- Lead vulnerability, change, and configuration management, for applications and infrastructure
- Oversee administration of security services, including antivirus, IDS/IPS, data loss prevention, and security monitoring
- Customer facing responsibilities, such as pre-sales, facilitating due diligence requests, RFPs, and customer security concerns
- First line incident response and support for remediation
- Provide Identity and Access management solutions to ensure appropriate access to sensitive data
- Monitor the SDLC and ensure that coding is done with secure best practices (OWASP framework or equivalent) including modern deployment methods such as CI/CD pipelines
- Experience leading red/blue security teams
- Conduct application assessments (design reviews and pen tests) and lead implementation of associated application security technologies
- Perform risk assessments on new technologies or discovered vulnerabilities
- Implement organization-wide security awareness initiatives and provide timely information to employees and leadership regarding new and emerging threats
- Collaborate with all teams to communicate and enforce security controls
- Develop and maintain processes, policies, and technical controls in support of certifications programs and continual compliance with ISO/IEC 27001/2, SOC 1, SOC 2, and other applicable international privacy regulations
- Continuously monitor security controls for all IT Security frameworks
- Oversee customer Information Security audits
Our take
MeridianLink provides modern software platforms for financial institutions and consumer reporting agencies. Specifically, it powers digital lending and account opening for the former and data verifications for the latter.
The company has been trusted for over 20 years and has remained adaptable and open to change with the industry, such as its recent addition of engagement features that offer new ways to help financial services drive growth, reach target audiences and adjust campaigns to meet business and customer needs. It has therefore maintained a number of impressive customers, from BankPlus and American United to FirstBank and TwinStar.
MeridianLink has proven hungry in recent years for acquisitions, having acquired StreetShares, TazWorks and Saylent within one year, and off the back of its 2021 IPO. Its efforts to expand its product offerings and customer base are a testament to its adaptable nature that has engendered a long-standing strong market position.
Freddie
Company Specialist
Insights
Company
Company benefits
- Potential For Equity-Based Awards
- Insurance coverage (medical, dental, vision, life, and disability)
- Flexible paid time off
- Paid holidays
- 401(k) plan with company match
- Remote work
- All compensation and benefits are subject to the terms and conditions of the underlying plans or programs, as applicable and as may be amended, terminated, or superseded from time to time
Company values
- Deliver on our commitments
- Customer success is our success
- Improve every day
- Stronger together
Company HQ
Costa Mesa, CA
Articles
Leadership
Nicolaas Vlok
(CEO, not founder)Previously co-founded ad served as CEO for both TST and Idion Technology Holdings. Acted as President and CEO for Vision Solutions.
Share this job
View 4 more jobs at MeridianLink