Information Security Manager

Summary

Join Loopio as an experienced Manager, Information Security, leading and evolving the company's security controls, procedures, and policies. You will be the subject matter expert, advising internal and external stakeholders. This role involves risk assessment, compliance, reporting, and collaborating with various departments. Loopio offers a remote-first workplace with flexible hours and various benefits, including a professional mastery allowance, work-from-home budget, and a supportive team environment. We encourage applications from all backgrounds, even if you don't meet every requirement. Loopio is committed to building diverse and inclusive workplaces.

Requirements

• Bachelor’s degree in Business Administration, Finance, Accounting, Information Technology, or a related field
• 6-8 years of previous experience in governance, risk management, and/or compliance in a technical, or administrative capacity
• A strong understanding of regulatory requirements and industry standards, including the GDPR, NIST, SOC and ISO frameworks
• A proactive mindset with strong organizational and time-management skills
• The ability to work in a fast-paced, often changing environment and an ability to multitask while understanding priorities
• Impeccable oral and written communication skills, ability to introduce complex information in an engaging way
• Familiarity using systems such as macOS, AWS, Linux, and Scripting

Responsibilities

• Lead the Information Security Team, Digital Trust Council and actively evolve the security governance structure at Loopio
• Plan and execute information security control risk assessment including the reporting and oversight of risk treatment plans to address findings
• Evaluate the effectiveness of internal security controls and policies for compliance with applicable information security laws, regulations, and policies and recommend improvements and enhancements where applicable
• Deliver regular reporting on the information security risk program to the information security management committee
• Respond to security assessments, questionnaires and audits from prospects, customers, and third-party business partners through the Loopio Platform
• Work with business partners within the company and outside consultants on required information security risk assessments and third party audits
• Continue to build and maintain security into the culture of Loopio including managing information security awareness training program for all employees, and establish metrics to measure the effectiveness of the program

Preferred Qualifications

Professional certifications such as Certified Information Systems Security Professional (CISSP), International Information System Security Certification Consortium (ISC2), Certified in Risk and Information Systems Control (CRISC), Information Systems Audit and Control Association (ISACA), Certified Information Systems Auditor (CISA), CGEIT, Systems Security Certified Practitioner (SSCP)

Benefits

• Remote-first workplace
• Flexible hours
• Manager support with ongoing feedback and regular 1-on-1s
• Autonomy and responsibility
• Professional mastery allowance
• MacBook laptop
• Monthly phone and internet allowance
• Work-from-home budget
• Regular company socials, AMA (Ask-Me-Anything), and quarterly kick-off
• Opportunities for connections in a remote-first environment
• Employee Resource Groups
• Various fun virtual activities