Information Security Analyst

We are seeking a dedicated Information Security Analyst to join our team at Betterment HQ in New York City. This role is crucial in protecting our organization’s information assets and ensuring compliance with regulatory requirements. The ideal candidate will possess strong analytical skills, a proactive mindset, and a passion for cybersecurity.

Location: Remote (U.S. or Canada) Type: Full-Time for U.S. Applicants; Independent Contractor for Canadian Applicants About Human Agency At Human Agency, we are rapidly expanding and are on the lookout for exceptional talent across various fields. Our mission is to attract individuals ranging from creative visionaries to technical specialists and entrepreneurial leaders, all of whom can contribute to our exciting growth phase. We pride ourselves on fostering a culture of collaboration and hands-on leadership. Titles do not shield us from constructive feedback; instead, we embrace it to continuously elevate our standards. Here, the best ideas prevail regardless of their origins, as we are committed to delivering outstanding results for our clients. Our clients’ missions and products are paramount. We deeply engage with their objectives, acting as custodians of their goals and partners in tackling significant challenges. Every strategy, asset, or solution we design is crafted to be not only aesthetically pleasing but also highly functional and impactful in real-world scenarios. People are our greatest asset. We grow by selecting individuals who inspire us to reach new heights. From strategy and engineering to design and operations, we seek team members who can elevate our performance. We believe in hiring individuals who can push us forward, never backward. We collaborate with organizations of all sizes to explore, develop, and implement AI strategies that are secure, scalable, and centered around human needs. Our conviction is that AI should enhance human capabilities rather than replace them, and this belief drives every project we undertake. Whether through advisory services, tool development, or educational initiatives, we meet clients at their point of need and help them integrate AI aligned with their mission and values. Our aim is to empower teams to work smarter, act faster, and unlock new opportunities through thoughtful and responsible innovation. At Human Agency, we lead with purpose, passion, and a sense of adventure. We engage in meaningful work with people we respect, turning the journey into an exciting adventure. Who we are and how we operate are intertwined in everything we do. The Opportunity This role is not a conventional enterprise CISO position where you take over an existing infrastructure, manage a large team, and maintain the status quo. Instead, this is a dynamic and entrepreneurial position where you will be at the forefront of AI security, designing innovative systems, tackling emerging challenges, and positioning security as a strategic advantage rather than merely a cost center. We are implementing AI agents at scale across client environments, developing proprietary AI-powered tools, and advising organizations on how to safely incorporate autonomous systems into their missions.

Role Overview FalconX is hiring a Director of Security based in New York City, NY. This leader will shape and drive security efforts to safeguard digital assets and uphold operational integrity. The Director will set direction for security strategy, ensuring it supports business goals and protects systems and data. Key Responsibilities Develop and execute security strategies that support company objectives Oversee security assessments and incident response processes Maintain and improve compliance protocols Promote security awareness throughout the organization What FalconX Looks For Technical expertise in security practices and frameworks Strategic vision for aligning security with business needs Experience leading security initiatives and teams Ability to build a culture focused on security awareness

The City of New York is seeking a visionary and dynamic Executive Director for the Office of Information Privacy. This pivotal role will involve overseeing the development and implementation of strategies to ensure the privacy of personal information in compliance with applicable laws and regulations. The successful candidate will lead initiatives to enhance transparency and accountability in data governance, ensuring that the City remains at the forefront of data protection and privacy practices.

Role overview The City of New York seeks a Deputy Chief Information Security Officer to help lead its cybersecurity program. This senior role shapes the city's information security strategy and works to protect critical data and technology systems from new and evolving threats. Key responsibilities Work closely with senior leadership to define and carry out information security strategy Create and update security policies for the city’s technology environment Supervise incident response and coordinate actions during security incidents Lead risk assessments and oversee compliance audits Support security awareness by directing training programs across city departments Location This role is based in New York City.

Blankstreet seeks a Director of Corporate IT & Security to join its New York City office. This leadership role shapes the company’s technology direction and safeguards digital resources. The position calls for a balance of strategic planning and hands-on oversight to ensure IT systems and security practices support business needs. Role overview This director will define and execute IT strategies that align with Blankstreet’s broader goals. The work centers on maintaining strong security standards while driving technology initiatives forward. Key responsibilities Guide the development and implementation of IT projects Connect technology planning with business priorities Maintain high standards for security practices Lead efforts to protect company systems and sensitive data Requirements Background in leading IT and security teams Skill in setting strategies for both technology and security Interest in how technology advances business outcomes

The City of New York is seeking a dynamic and experienced professional to join our team as the Deputy Director of Communications and Public Information. In this pivotal role, you will be responsible for developing and implementing comprehensive communication strategies that enhance public engagement and inform citizens about city initiatives.As a key member of the communications team, you will collaborate closely with city officials and stakeholders to craft compelling narratives and messages that resonate with diverse audiences. Your leadership will guide the efforts to maintain transparency and foster a positive public image of city operations.

About Our TeamAt OpenAI, our dedicated Security team is committed to providing our researchers, engineers, and staff with seamless access to the tools and resources necessary for optimal productivity, security, and comfort. As an Enterprise Security Engineer, you will thrive in a highly technical, collaborative environment focused on employee satisfaction.Our IT team, though compact and agile, covers a wide array of security domains, empowering you to contribute to innovative solutions and build robust systems from the ground up. With strong support and ample resources, we aim to implement a world-class enterprise security program.Role OverviewIn the role of Enterprise Security Engineer, you will play a key role in safeguarding OpenAI's internal information systems through the implementation and management of security protocols. You will collaborate closely with our IT and Security teams to enhance security capabilities, enforce policies, and monitor systems for potential threats.This position is available for remote work or relocation assistance can be provided for candidates moving to San Francisco.Your Responsibilities Will Include:Designing and executing robust security measures to protect our organization's information assets from unauthorized access, disclosure, or misuse.Monitoring both internal and external systems for security threats and responding promptly to alerts.Contributing to and enforcing IT and Security policies and procedures across the organization.Collaborating with the IT department to fortify our infrastructure using best practices in AzureAD, GSuite, GitHub, and other SaaS tools.Providing guidance to employees on best practices for securing endpoints, as well as office AV and network infrastructure.Creating innovative sharing controls and associated monitoring to safeguard company data, including intelligent group management, Data Loss Prevention (DLP), and other relevant security controls.Implementing forward-thinking models such as 'secure by default' and 'zero trust' to establish sustainably secure environments for knowledge workers and developers.Identifying and addressing vulnerabilities within our internal systems while adhering to best practices for data security.Utilizing our AI-driven models to enhance systems for improved security detection and response, data classification, and other security-related tasks.

Join Crosby as a Security Engineer, where you'll play a pivotal role in safeguarding our information systems and data integrity. As a vital member of our security team, you will implement robust security measures, conduct risk assessments, and collaborate with cross-functional teams to protect our infrastructure from potential threats.

Anaplan, Inc. is hiring a Director of Security Trust & Risk based in New York City. This leadership role focuses on safeguarding company data, ensuring confidentiality, and maintaining the integrity of information systems. The director will guide the development and execution of security strategies that align with recognized industry standards. What you will do Create and roll out security policies and procedures throughout the organization Monitor and enforce compliance with industry standards and regulatory requirements Encourage security awareness and share best practices with employees Role focus This position oversees the company’s approach to risk management and information protection. The director plays a key part in shaping a culture of security and trust across all levels of the organization.

As the Assistant Director of Security for the City of New York, you will play a critical role in ensuring the safety and security of our city. You will oversee security operations, collaborate with various agencies, and implement strategies to mitigate risks. Your leadership will be essential in fostering a safe environment for residents and visitors alike.

About the RoleJoin our dynamic team at FanDuel as we seek a skilled Senior Enterprise Security Engineer. This pivotal role requires a professional who is dedicated to crafting and implementing enterprise security control strategies, while also shaping our security posture. You will play a key role in balancing risk reduction with user experience and operational enablement at scale.Reporting directly to the Senior Manager of Enterprise Security Engineering, you will tackle diverse security challenges and lead initiatives that foster a secure environment for our operations.Your ResponsibilitiesImplement cutting-edge models such as “secure by default” and “zero trust” to maintain a robust security posture.Act as a security subject matter expert, collaborating with internal teams to meet business objectives and overcome security challenges.Develop and manage team roadmaps while staying informed of the latest threats and identifying security risks independently.Utilize automation and development approaches to enhance enterprise-wide security controls.Employ AI technologies to amplify the effectiveness of Security Engineering and FanDuel's operations.Support the security organization as needed, fostering a collaborative team environment.What We’re Looking ForProven expertise in security engineering across multiple domains, including Zero Trust, Endpoint Security, Data Protection, and more.Intermediate proficiency in scripting languages such as Python, Go, or Ruby; experience with Python and PowerShell is a plus.Familiarity with identity access management frameworks and protocols like SAML, SCIM, OAuth, and WebAuthN.Ability to model threats to corporate infrastructure and implement preventative architectures and controls.Strong communication skills to work effectively with a diverse range of partners, from engineering to legal teams.Adeptness in navigating rapidly evolving environments with a focus on solving ambiguous challenges.

About the Opportunity At Contentful, we are dedicated to creating a secure and reliable service. Our commitment to security encompasses significant investment in resources and efforts. Our Security team plays a pivotal role in managing information security across the organization and collaborates closely with various internal teams. We believe in embedding security within our DevOps principles, ensuring robust and repeatable processes. We are seeking an enthusiastic and dedicated Manager of Security Engineering, someone who is eager to tackle complex security challenges with innovative and scalable solutions. In this role, you will oversee security engineering initiatives for Contentful's corporate systems, including the tools and platforms that empower our internal security team. Although this position is not responsible for customer-facing product security, you will work in tandem with product security teams within our security organization on overlapping responsibilities. Your role will involve a blend of leadership and hands-on technical execution, focusing on designing, implementing, and managing security controls and tools at scale. Key areas of focus will include identity and access management, data security, and SaaS platforms. You will provide strategic direction and spearhead initiatives while remaining actively involved in their execution. While you may work independently at times, you will frequently collaborate with security leadership, IT, and cross-functional partners to align strategies, implement shared initiatives, and effectively mitigate risks while minimizing impacts on end users across the organization. What to Expect? Develop a high-performing team through coaching, mentorship, goal setting, and performance feedback. Define roles and make hiring decisions to expand the team in alignment with departmental needs. Maintain a hands-on approach, balancing technical leadership with direct implementation work. Own execution and prioritization across projects and operations, utilizing agile delivery practices. Enhance effectiveness and efficiency by refining processes and tools. Champion continuous improvement across all facets of the security program. Communicate risks and technical concepts clearly to leadership and stakeholders. Collaborate with security leadership to execute business-aligned, risk-reduction roadmaps. Shape work scope, sequencing, and success criteria in line with departmental and company objectives. Drive security processes, standards, and best practices across information technology assets.

Join Hudson River Trading (HRT), a pioneering firm in the trading space, as the Lead for Security Governance, Risk, and Compliance within our expanding Information Security team. This pivotal role will spearhead the security governance initiatives for HRT entities across America, Europe, and Asia, driving the automation of security governance at scale.In this hands-on position, you will collaborate closely with HRT’s Compliance and Legal teams to research, develop, and uphold security solutions tailored to a diverse range of industry regulations and requirements. You’ll lead a skilled technical team tasked with strategically ensuring HRT’s compliance with global security standards, facilitating our growth into new markets with complex regulatory landscapes.

Ivalua is seeking an IT Manager for its Security Operations Center (SOC) in New York City. This leadership role centers on protecting company information systems and data while guiding a dedicated SOC team. Key responsibilities Lead and support the Security Operations Center team, providing direction and oversight Supervise daily security operations to safeguard information systems and sensitive data Implement and maintain security protocols across the organization Monitor compliance with industry standards and ensure all practices align with regulatory requirements Strengthen Ivalua’s security posture and contribute to the protection of client information Role focus This position combines hands-on management with strategic oversight. The IT Manager will work to ensure that security measures are current, effective, and consistently applied throughout the organization.

Join Greenboard as the Head of Technical SecurityAt Greenboard, we are pioneering the future of financial compliance through our AI-driven, unified compliance operating system. Our platform serves a diverse range of clients including RIAs, fintechs, private funds, and hedge funds, effectively replacing outdated systems and automating processes like never before. By consolidating data and workflows, we empower firms to mitigate regulatory risks, streamline their technology stack, modernize compliance operations, and ultimately save costs.Our team boasts engineers with extensive experience from Amazon, Google, and other leading startups, backed by top-tier investors such as Y Combinator and General Catalyst, with over $20 million raised to date. Trusted by prominent financial institutions, Greenboard is on a rapid growth trajectory.Role OverviewWe are seeking an experienced security engineer to lead and enhance our security strategy as we expand. As the first dedicated security hire on our engineering team, you will play a crucial role in defining our security approach, addressing compliance frameworks, conducting vendor assessments, implementing infrastructure security measures, and promoting secure development practices.This position offers high impact and autonomy, requiring collaboration with engineering, product, and business teams to ensure we are developing securely, meeting compliance standards expected by our fintech clients, and proactively countering security threats as we grow internationally.Your ResponsibilitiesTechnical Security ManagementIdentify, prioritize, and remediate vulnerabilities across all layers — from infrastructure to application and network.Oversee third-party penetration testing activities and coordinate internal responses to findings.Embed security measures throughout the development lifecycle, including code reviews, SAST/DAST tools, dependency checks, and developer security training.Manage credential and secret handling, focusing on rotation policies, vault configurations, and access controls.Lead infrastructure patching and hardening initiatives while collaborating with engineering teams to maintain current systems without hindering delivery.Compliance & Framework LeadershipSpearhead our SOC 2 compliance program, including audit preparations, evidence gathering, and tracking remediation efforts.Enhance and uphold our GDPR compliance, working alongside legal and product teams to ensure data protection standards are met.Lead efforts towards ISO 42001 certification, developing and maintaining necessary AI management frameworks.

Anthropic brings together researchers, engineers, policy specialists, and business leaders to build AI systems with a strong focus on reliability, interpretability, and steerability. The company’s mission is to ensure AI technology benefits users and society as a whole. Role overview The Director of Data Center Security Operations for North America leads the strategy for physical security across Anthropic’s network of data centers. This includes both company-owned facilities and those managed by colocation partners. The position works closely with construction and operations teams, starting from early design stages through commissioning and into daily operations. The role shapes the security framework that protects key AI computing resources for the company. Key responsibilities Develop and implement physical security strategies for data centers throughout North America. Work with construction and operations teams from the initial design phase through ongoing operations. Create and uphold policies and standards for regional data center security. Manage relationships with vendors and guard-force partners to support daily security operations. Lead incident response efforts, including being present on-site during critical events. Represent security interests with infrastructure, computing, real estate, and legal teams as Anthropic grows. What Anthropic looks for Comfort working in a developing function and adapting to evolving strategies and ambiguity. Experience providing direction without established playbooks. A perspective that views security as a partner to business success. Location This position is based in San Francisco, CA or New York City, NY.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

Employee Applicant Privacy Notice About SoFi SoFi is a national bank and financial services provider focused on helping millions of members achieve their financial goals. The company builds mobile-first technology that empowers users to take control of their finances. SoFi’s work directly impacts people’s lives and shapes the financial industry. Core values guide the team as they work to improve both careers and the broader financial landscape. Role Overview The Security Product Lead for Product & AI Security sets the strategy, roadmap, and measurable outcomes for securing SoFi’s product lifecycle and supporting AI/ML initiatives. This position sits within the Security Strategy & Delivery team and works closely with leaders and teams in Product Security, Engineering, and Data Science/AI. Main Responsibilities Define and communicate the strategic direction for Product Security and AI Security as internal security products. Align security initiatives with enterprise risk priorities. Develop and maintain a clear roadmap for security capabilities. Establish and track key performance indicators (KPIs) to measure success. Implement structured program governance for security initiatives. Collaborate across teams to integrate security controls throughout the software development lifecycle (SDLC). Address unique risks associated with AI/ML systems. Influence stakeholders and drive alignment without direct authority. Help protect member trust, company assets, and support business stability and growth. Location Roles are available in Seattle, WA; Cottonwood Heights, UT; San Francisco, CA; New York City, NY; and Frisco, TX.

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY