TrueML is a mission-driven financial software company that aims to create better customer experiences for distressed borrowers. Consumers today want personal, digital-first experiences that align with their lifestyles, especially when it comes to managing finances. TrueML’s approach uses machine learning to engage each customer digitally and adjust strategies in real time in response to their interactions.
The TrueML team includes inspired data scientists, financial services industry experts and customer experience fanatics building technology to serve people in a way that recognizes their unique needs and preferences as human beings and endeavoring toward ensuring nobody gets locked out of the financial system.
TrueML’s InfoSec team maintains oversight and enforcement to ensure continued security and compliance. In this role, you touch the breadth of the operations working across all internal departments to identify and address information security issues systematically. The work will include security gap analysis, vulnerability management, event management, product engineers on best practices, and helping implement and validate relevant solutions.
What You'll Do:Hardening of technology, including software, hardware, and cloud servicesSupport the enforcement and maturation of the vulnerability management program (detection, analysis, reporting, remediation assistance)Documenting security-related issues, initiatives, and rulesBuilding and updating network and system diagramsSecure programming in a CI/CD environmentFully support the implementation of security safeguards that align with the business mission, goals, and objectives. Maintain compliance through regular security-related audits of laws, certifications, and contractsAdministration of various security tools, including anti-malware, SIEM, security scanners, and other technical controlsDesigning and tracking security metricsIncident Response Data Security Maturation
What We're Looking For:Technical Baccalaureate, Professional Certification (CISSP, C|EH, CompTIA CySA), or 4+ years of experience in information security Strong knowledge of information security fundamentalsPassionate about knowing the latest on trends and issues in the security industry, including new technologiesComfort with risk management frameworks and commercial certifications (PCI DSS, SOC 2, or ISO/IEC 27001)2+ years of experience securing cloud servicesAdvanced technical knowledge of infrastructure, applications, and cloud security modelsAdvanced knowledge of information security standards, rules, and regulations related to information security and data confidentialityCoding experience in Python and Linux shell scriptingWorking knowledge of content trackers, ticketing systems, continuous integration and deployment technologies, and relevant cross-integrationsExperience running audit and remediation projectsExcellent written and verbal communication skills
Bonus Points:CIS Controls® and Benchmark implementation and audit experience Advanced knowledge of the Federal Information Security Management Act (FISMA) and SOC requirements/auditingValidated analytical and problem-solving abilities and working knowledge of relevant legal and regulatory requirements, such as the Health Insurance Portability and Accountability Act (HIPAA)Current security certifications supporting application development and cloud operations: CSSLP, AWS Security, CCSP, etc.
Benefits, Perks, and Culture
- Everything you need to work remotely
- Medical/dental/vision insurance, 401k (with match), flex spending plan, and life insurance
- Family-friendly policies - parental leave, remote positions
- Unlimited PTO
- Transportation benefits
- Employee assistance program (EAP) + Wellness Coach for you and 5 others
- Paid time off to do volunteer work in your community!
We are a dynamic group of people who are subject matter experts with a passion for change. Our teams are crafting solutions to big problems every day. If you’re looking for an opportunity to do impactful work, join TrueAccord and make a difference.
Our Dedication to Diversity & Inclusion
TrueML and TrueAccord are equal opportunity employers. We promote, value, and thrive with a diverse & inclusive team. Different perspectives contribute to better solutions and this makes us stronger every day. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.