Information Security Analyst at M1 Finance
Who we are
M1 Finance has created a personal wealth-building platform made for the modern era, uniting personal perspective and automated ease. We seamlessly combine free investing, low cost borrowing and digital checking all in one intuitive, automated Finance Super App, and we’re driven by a mission to empower personal financial well-being. We believe that financial well-being is fundamental to overall well-being, and we strive to deliver products that are simpler, smarter, and stronger than those created by our staid, boring, entrenched, slow-moving competitors in the personal finance industry.
Our clients have already trusted us with over $5 billion of assets, we’re currently helping hundreds of thousands of people grow and manage their wealth with our industry-leading automation and tools, and we’re adding thousands of new clients every day.
We’re looking for passionate people who want to improve and build on what we’ve created and take responsibility to help others build something meaningful and sustainable for their futures.
We mean it when we say, “M1 is yours to build.”
If this sounds interesting to you, we’d love to have you read on.
What You’ll Do
- Assist with the development and review of M1’s security policies and procedures
- Perform control assessments against corporate cybersecurity frameworks
- Perform assessments of adherence to standards
- Work closely with management on security efforts
- Assess 3rd party vendors for adherence to standards
- Develop routine reports in accordance with GRC metrics
- Stay on top of changes in the industry as it relates to security
- Assist in maturing the Information Security Risk Management Program by helping to define an Information Security risk register which includes identifying threats and risks to the organization
- Other security-related projects that may be assigned according to skills
- Collaborate with various teams including Compliance and Engineering to ensure M1 maintains compliance with all applicable legal and regulatory security requirements
- Possess current security or IT audit related certifications (e. g., Security+, CISA, CRISC, CISM, CISSP) or be willing to obtain within 1 year of assignment
- 1-4 years of experience working with an IT or Security Risk Management program
- Understanding and familiarity with cybersecurity frameworks and industry best practices (e.g., NIST, ISO, CIS, COBIT, etc.)
- Experience performing Third Party Security Reviews
- Familiarity with the FinTech or Financial industry is a plus
- Strong documentation and communication skills
- Experience developing and implementing policies, standards, and procedures
- Experience performing self-assessments to ensure compliance with policies, regulatory and legal requirements, and leading industry practices.
Our team embodies our eight core principles and if these principles speak to you – we’d love to talk with you.
- Mission Driven: We will passionately apply ourselves to deliver immense value to our customers, knowing if they succeed, so too will the company.
- Extreme Ownership: We think and act like owners. Our focus is on building long-term value, not scoring short-term marks. We own everything in our domain, including the outcome and everything that affects it.
- Boldness: We want to do things of consequence. Make a difference. We would rather fail at something meaningful than succeed at something trivial.
- Bias for action: The best way to make progress is to act.
- Economical: Efficiency is important, and we consider both the costs and benefits of our actions.
- Team-oriented: In working together, we maintain a low ego, make everyone feel welcome, assume good intent, trust one another, and seek out different perspectives. We empower our teammates to be at their best.
- Challenged, but not overwhelmed: We are curious people who always want to grow. Growth happens outside our comfort zone. We achieve our potential through consistent, manageable growth.
- Integrity: We do the right thing. When we make mistakes, we own and correct them. We would be proud of our actions are shared with our family, friends, and strangers. Everyone can count on us to act according to our values, beliefs, and principles we state we hold. This trust must never be broken.
- Unlimited PTO
- Comprehensive health, dental, vision, disability, and life insurance
- Stock options for all employees
- Retirement benefit with employer match
- $500 to spend on home office equipment while working from home
- Stylish M1 swag
- Socially distant team outings, celebrations, and events
- Transparent and open communication
- Office in the Loop with a Game Room and Gym