Information Security Analyst

Back to jobs New Information Security Analyst Remote Apply About the Company Valon’s mission is to empower every homeowner. We believe the journey of home ownership starts when you get your keys, but lasts far beyond. We’re creating a world where home ownership comes with ease, security, and financial know-how. Our growing team of engineers, operators, product enthusiasts, and experienced servicing professionals are leveraging technology to fundamentally improve the homeownership experience. Through mortgage servicing—the process of paying off one’s mortgage—Valon is taking the first step in transforming the industry one homeowner, and lender, at a time. ABOUT THE TEAM Our customers entrust us with some of their most sensitive and personal financial information, and it is the ultimate mission of Valon’s Security team to ensure we have sound programs, processes, and automation in place to safeguard our customers’ data. The Security team protects the infrastructure and data for processing billions of dollars of mortgage loans. We work cross-functionally with product, engineering, IT, legal, and more to enable security throughout the organization and engage with internal and external assessors to continuously evaluate Valon’s security posture. ABOUT THE ROLE We are seeking a motivated Information Security Analyst to join our growing team! As a key security member at Valon, you will play a critical role in ensuring the security of our organization's systems, cloud infrastructure, products and data. This role will be working closely with the CISO and the Security team, and is responsible for ensuring the company’s technical controls meet security compliance requirements, managing risks and remediation, supporting operational and monitoring efforts, and driving program management activities. The ideal candidate has a strong foundation in security principles, an eye for detail, a proactive approach to problem-solving, and the ability to collaborate with cross-functional teams to ensure we protect our most critical assets to uphold trust with our customers and stakeholders.   RESPONSIBILITIES Assist in implementing and maintaining compliance with frameworks (SOC 2, NIST CSF, CIS) and regulatory requirements (NYDFS, GLBA, Safeguards, CCPA and related) Support internal and external security audits and exams, including evidence gathering and remediation tracking Review, manage, and monitor security policies for compliance Manage and coordinate remediation for vulnerability, security, and compliance issues across stakeholders Conduct security risk assessments and monitoring Support on-call and operational security activities including monitoring security alerts, investigating incidents, vendor security reviews, security awareness and training, and other tasks Manage and track security metrics, KPIs and reporting Manage security policies, standards, and procedures Maintain customer facing security documentation and informational assets     IDEAL BACKGROUND Minimum of 2-3 years as a security analyst or security program manager with relevant responsibilities and background What skills are needed to succeed in this role? Security compliance including security frameworks/certifications (SOC 2, NIST CSF, CIS, ISO) and regulatory requirements (NYDFS, GLBA, Safeguards, CCPA and related) Security controls development Risk and issue remediation Security reviews / risk assessments Vulnerability management Security policies, standards and procedures Good program and project management skills Ability to organize and prioritize work in a dynamic and fast paced environment Ability to work independently with some direction   Great to Have (but not required) Relevant security certifications based on career experience (CompTIA Security+, CC, SSCP or related), or seasoned career level (CISSP, CISM, CRISC or related) Cloud environments - GCP is a plus Knowledge of other security domains (Access management, Detection & Response, Vulnerability Management, Cloud Security, Logging & Monitoring) is a plus Startup environments exposure, or environments building from the ground up Location: US (Remote) or NYC office (Hybrid - onsite)     Throughout the interview process, please remember that emails will only be from valon.com emails. We won't ever be asking for any personally identifiable information during the interview process itself. Please reach out to talent@valon.com if you have any requests to verify the authenticity of an outreach.   Valon is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. Valon makes hiring decisions based solely on qualifications, merit, and business needs at the time. Create a Job Alert Interested in building your career at Valon? Get future opportunities sent straight to your email. Create alert Apply for this job * indicates a required field Autofill with Greenhouse First Name * Last Name * Preferred First Name Email * Phone Resume/CV Attach Attach Dropbox Google Drive Enter manually Enter manually Accepted file types: pdf, doc, docx, txt, rtf Cover Letter Attach Attach Dropbox Google Drive Enter manually Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Website Which (if any) security compliance including security frameworks/certifications do you have? e.g. (SOC 2, NIST CSF, CIS, ISO) and regulatory requirements (NYDFS, GLBA, Safeguards, CCPA and related) * Submit application