Develop and oversee the company's information security program, manage security operations, and ensure compliance with industry standards and regulations. | Extensive experience in information security leadership, familiarity with SOC 2, NIST, cloud architectures, and relevant certifications. | This is a Full Remote job, the offer is available from: United States

Overview: Director of Information Security and Technical Operations

Duties: The Director of Information Security and Technical Operations is responsible for the strategy, implementation and day-to-day management of the Company’s information security program and core technology operations, including infrastructure, network administration and shared technology services. This role is critical for a regulated financial institution and ensures the Company meets and maintains FTC, NYDFS, SOC 2, NIST, and other applicable regulatory and industry standards.

Pay Range: USD $170,000.00 - USD $200,000.00 /Yr.

Responsibilities: Essential Duties and Responsibilities include the following. Other duties may be assigned.

• Develop, own, and continuously improve the Company’s enterprise-wide Information Security Program, including strategy, policies, standards and roadmap, in alignment with business and regulatory requirements (FTC Safeguards Rule, SOC 2, NIST 800‑53/CSF, NYDFS 23 NYCRR 500).
• Direct and lead day‑to‑day security operations and maintain ongoing operation of secure network architectures, including segmentation, firewalls, VPNs, connectivity with vendors, threat detection, incident response, vulnerability management, and security monitoring across cloud and on‑prem environments.
• Oversee core technology operations, including IT infrastructure, network administration, endpoint management, identity and access management and core productivity/tech services platforms.
• Own the security and technology controls required for SOC 2 audits, including evidence collection, control operation, remediation plans, and engagement with external auditors and customer due diligence teams.
• Implement and maintain a risk management framework aligned to NIST and serve as the Company’s designated Qualified Individual for purposes of the FTC Safeguards Rule, overseeing compliance with NYDFS 23 NYCRR Part 500, including risk assessments, incident response coordination, treatment plans, and regular reporting of risk posture to executive leadership and the board.
• Partner closely with Product, Engineering, and Data teams to embed security‑by‑design, conduct security architecture reviews, and manage application and API security across the fintech platform.
• Lead third‑party and vendor security risk management, including due diligence, contract security requirements, ongoing monitoring, and exception management.
• Define and track security and operational KPIs/KRIs (e.g., incident MTTR, patching SLAs, control coverage, uptime/availability) and present regular metrics and program updates to senior leadership and the board.
• Develop and manage the information security and operations budget including resource planning and tooling strategy, as well as establish training programs tailored for a fintech workforce to support scalable and efficient growth.
• Other duties as assigned by management.

Must be able to come to work promptly and regularly. Must be able to take direction and work well with others. Must be able to work under the stress of deadlines. Must be able to concentrate and perform accurately. Must be able to react to change productively.

Qualifications: Minimum Qualifications:

• Bachelor’s degree in computer science, engineering, business or similar relevant field; master’s degree preferred.
• At least 4 years in a senior leadership role (Director, Senior Director, Head of Security, CISO, or similar) in a cloud-centric or SaaS/fintech environment.
• Minimum 8 years of progressive experience in information security and IT operations.
• Strong working knowledge of SOC 2 compliance, leading audits, meeting NYDFS and FTC information security requirements or similar financial sector regulations, including governance and reporting obligations, NIST security frameworks (e.g., NIST CSF, NIST 800-53).
• Experience mapping and implementing controls across hybrid/cloud environments.
• Understanding of modern cloud architectures (AWS/Azure/GCP), DevSecOps practices, identity and access management, endpoint security, and security monitoring / SIEM platforms.
• Relevant certifications such as CISSP, CISM, CISA, CCSP, or equivalent and experience with additional frameworks and regulations (e.g., ISO 27001, PCI DSS, GLBA) preferred.

Description: About Foundation Finance: Foundation Finance Company (FFC), a Great Place to Work® certified company since 2017, is a fast-growing consumer finance company working with home improvement contractors across the U.S. to drive sales through flexible, customer-focused financing options.

Available Benefits:

· Day-one Health Benefits (medical, dental, vision, and flexible spending options like HSA or FSA accounts).
· 401(k) with company match enrollment on day-one.
· Paid, Sick and Volunteer Time Off
· Paid Parental Leave Options
· Employer Paid Life and Disability
· Wellbeing on Demand Program
· Flexible Work Environment with a casual dress code

• Employment status (full-time or part-time) may affect eligibility for certain benefits. Some benefits become available only after a specified period of employment. Please refer to our Benefits page for details.

Working Conditions: Office environment with significant time spent sitting, typing and talking on the telephone.

Foundation Finance Company provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

If you reside in the state of Colorado, please click on the following link to review our benefits: Foundation Finance Benefits

These benefits are designed to support our employees in their professional growth, health, and overall well-being. Eligibility, coverage details, and enrollment processes will be provided during the onboarding process. At Foundation Finance Company, we are committed to fostering a positive work environment where employees can thrive both personally and professionally.

Remote Work: Foundation Finance Company LLC requires that remote employees must reside in one of the following states to be considered for any of our remote positions: AL, AR, AZ, CO, FL, GA, IL, IN, KY, LA, MD, MI, MN, MO, MS, NC, NJ, NV, NY, OH, OK, OR, SC, TN, TX, UT, VA, WA, and WI.