Vice President – Information Security

Job not on LinkedIn

🔥 0 minutes ago

🇺🇸 United States – Remote

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

brightfin

WebsiteLinkedInAll Job Openings

201 - 500 employees

💳 Fintech

🏢 Enterprise

☁️ SaaS

Fintech • Enterprise • SaaS

brightfin is a company that specializes in Telecom Expense Management (TEM) solutions. Their platform integrates mobile, telecom, and cloud expense data into ServiceNow, enabling businesses to track, allocate, and optimize their IT expenses effectively. With features such as automated workflows and centralized asset management, brightfin helps organizations achieve cost savings and operational efficiencies.

📋 Description

• Own our security program end to end: governance, compliance, customer trust, and product security. • Design and run brightfin's Information Security Management System (ISMS), aligned to NIST CSF and ISO 27001 principles • Own SOC 2 Type II compliance — including annual audits, evidence collection, and continuous monitoring • Maintain and mature security policies, standards, and procedures across the organization • Lead the company's incident response program: planning, tabletop exercises, and live incident management • Own the security review process for enterprise deals — respond to RFPs, security questionnaires, and customer audits • Develop and maintain a security trust portal and standard documentation package • Build and maintain a risk register; report on risk posture to the executive team and board quarterly • Manage third-party and vendor security risk, including contract review and ongoing monitoring • Ensure compliance with applicable data privacy regulations (GDPR, CCPA, HIPAA where applicable) • Partner with the engineering team on secure SDLC practices — code scanning, dependency management, penetration testing • Drive cloud security posture management for our AWS/Azure/GCP environments • Own the vulnerability management program: triage, prioritization, and remediation tracking • Hire and manage a small initial security team (target: 2–3 hires in year one) • Run security awareness training and phishing simulation programs company-wide • Build a security-conscious culture without creating friction for a fast-moving engineering team

🎯 Requirements

• 6+ years in information security, with at least 3 in a leadership role • Demonstrated experience building or scaling a security program at a B2B SaaS company • Deep SOC 2 ownership experience — you've led Type II audits, not just participated in them • Strong working knowledge of NIST CSF, ISO 27001, and cloud security (AWS preferred) • Experience running the security side of enterprise sales cycles — responding to security questionnaires, hosting customer calls • One or more certifications: CISSP, CISM, CISA, CRISC, or equivalent

🏖️ Benefits

• brightfin offers a comprehensive health, dental and vision benefits package. • Paid time off. • We strongly believe in work-life balance and taking time for yourself. • 401K with employer match