Chief Information Security Officer (remote position)
We are in search of a full-time CISO to be the steward of one of our company’s most important disciplines: keeping our customers’ (and our own) data safe. This role will have full ownership of our information security, data protection and compliance disciplines, encompassing both our company’s internal operations and our market-leading fintech platform. To date, our CTO has owned this function, with augmentation from a consulting CISO. We have developed a culture that ingrains security. Although we have managed well, including maintaining a SOC2 Type II certification, as our company and customer base have grown, the time has come to give this function the attention a dedicated CISO can offer. This role will entail working closely with a range of internal and external stakeholders and will report through the CTO.
Email firstname.lastname@example.org to apply.
Your primary responsibilities will include:
- Maintain, implement, evolve and monitor our information security and risk management program.
- Be a thought leader: keep tabs on the security landscape and make sure our team is updated and proficient. Work closely with the product and development teams to ensure our product and infrastructure security are in keeping with the latest best practices.
- Ownership of compliance programs for frameworks such as SOC2 Type II or ISO27001.
- Identify and mitigate risks
- Incident response planning, testing, and execution
- Work with outside experts in penetration testing, application security testing, and specialized code review projects
- Maintain security informational packages for and respond to inquiries from prospective and current clients (all regulated entities with certain diligence requirements).
- Oversight of the company’s cloud and IT practices as they relate to security and compliance.
We expect candidates to have:
- 7+ years of relevant CISO or security experience.
- Fantastic communication skills in both spoken and written forms, able to explain complex ideas to various audiences including internal teams and external customers or auditors
- Direct experience leading and managing an information security program (and systems) to support SOC 2 and ISO 27001 compliance
- Understanding of and experience with data privacy compliance frameworks and requirements
- Understanding of and experience with secure software engineering practices – working in an organization that writes its own secure software.
- Relevant experience managing security on cloud platforms (e.g. AWS).
- Proven experience implementing and managing technical controls to support observability for potential security events (e.g. SIEM).
- Experience with common security monitoring, log analysis and forensic tools
- Certification in one or more technical information security disciplines (e.g. CISSP, CISM, CISA, SSCP, CCSP)
More About Holistiplan
Founded in 2019, Holistiplan was created by two CFP® professionals to help others in the field scalably provide financial planning services to clients. Holistiplan’s mission is to develop financial planning software that helps advisors solve the problem of how to do high quality planning as efficiently as possible for all of their clients. We bring high quality planning to every advisor so they can bring it to every client.
What it’s like to work at Holistiplan
Holistiplan is a fast-moving startup that takes the time to build collegiality and shared experience amongst all team members. We’ve forged a culture of respect where everyone’s input is valued. You’ll find yourself working alongside colleagues who are friendly and willing to go the extra mile to help out. Wins are celebrated and leadership is open to new ideas and concepts, which has helped the company grow at a swift pace. Feedback is valued and encouraged, and employees are given the autonomy they need to do their jobs effectively without being micromanaged.
Holistiplan employee benefits
- Health insurance (% paid for employee; % paid for employee family members)
- 401k with matching contributions
- Unlimited PTO/Paid holidays/Sick days
- Flexible Hours
- Fully remote workforce
- Hang out. In real life. Our Camp Holistiplan company retreats are a great time!
Highlights and awards
Holistiplan has more than 13,000 advisors and 4000 companies on its platform, with company growth set to expand quickly over the next year.
- #1 Tax Planning Software in the 2022 T3/Inside Information Software Survey
- #1 in Tax Planning in the 2021 Kitces Research Technology Study
- #1 Tax Planning Software in the 2021 T3/Inside Information Software Survey
- 2019 XY Planning Network Annual FinTech Competition Champion
- Holistiplan has been featured in Yahoo Finance, The Street, Financial Advisor Magazine, and many more.