Job Title: Information Security Compliance Specialist
Location: Denver or Remote
The Information Security Compliance Specialist is responsible for the development, implementation and ongoing management of information security, enterprise risk management, and compliance. This role will work to ensure that Infinicept leadership has the information required to make strategic, risk-based decisions enabling the achievement of business objectives.
Infinicept is a thriving, innovative fintech company headquartered in Denver, CO, seeking an enterprising, motivated Information Security Compliance Specialist to join our rapidly growing team. Infinicept provides all the advantages of embedded payments to vertical software companies without all the usual disadvantages. Our tools and services simplify everything from onboarding and underwriting to administration and service. Our customers have more foresight, more freedom, and more follow-through across the entire process of embedded payments. Industry leaders such as Fivestars, Patientco, and NCR all use Infinicept. With over 200 customers in 25 countries, the Infinicept platform is growing at 800% per year, and reached #95 on the Inc. 5000 list in 2020. We offer an exciting, dynamic environment, using the latest technology to shape the future. We are seeking people who want to make a difference and who thrive in a collaborative environment where success is the ultimate result.
What You’ll Do:
You will participate in the development and delivery of governance, risk, security, and compliance processes, as well as prepare for and coordinate both internal and external audits. You will also help ensure that technologies and business operations are structured and configured for data protection and applicable compliance protocols.
You will work to ensure alignment of Infinicept policies and practices with risk and compliance expectations as well as review systems and processes for gaps between best practices, enterprise requirements, and Infinicept’s compliance with those requirements. You will provide, discuss, and implement recommendations to bridge compliance gaps, and you will assess, review, and manage vendor and third-party contracts by working in tandem with our operations and sales divisions, as well as external customers.
Who You Are:
You are passionate about security and compliance and have a keen understanding of the importance of these functions within a growing organization. You are ethical and principled with the strength to stand by difficult decisions and be more influenced by right versus wrong than by relationships. You enjoy deciphering confusing or abstract laws or ethics and determining how to establish and integrate best practices. You are levelheaded, have great people skills, and can communicate and cooperate up, down, and across the organization. You have a spirit of ownership and the desire to drive the development of a robust compliance function within the organization.
Regulatory and Contract Compliance
- Track and perform all aspects of Prospect or Client Assessments, Contracts/Agreements, and Suppliers/Vendors for Infinicept.
- Support sales, business development and customer success with contracts, MNDAs, addenda, amendments, etc., ensuring alignment with corporate policies.
- Maintain corporate contracting requirements.
- Maintain database of contracts, run reports and queries, and manage contract renewal dates/deadlines.
- Assist with required corporate compliance filings and documentation as necessary.
- Coordinate written policies and procedures related to compliance activities and participate in their implementation throughout the organization.
- Maintain documentation of compliance activities, such as complaints received or investigation outcomes.
- Manage, assemble, and keep records of Requests for Proposal (RFPs), prospect and client assessments, Data Security Questionnaires, etc., including building the associated knowledge base.
Organizational and Third-Party Risk Management
- Maintain enterprise risk register.
- Manage and track risk exception and risk acceptance documentation, and periodically initiate the workflow for re-assessing risk exceptions.
- Perform third party vendor management, including due diligence and risk review functions.
- Review, negotiate, and track vendors and vendor agreements for technical products, solutions or services.
- Stay informed on business news that can potentially represent third party risks such as vendor or prospective vendor mergers, acquisitions, or divestitures.
- Track and report on status and metrics such as risk levels, third party risk scores and compliance findings.
- 2+ years’ experience in the payments industry
- 2+ years’ experience with software and/or SaaS offerings and products
- Experience with compliance matters in the areas of financial services (e.g. OFAC, Anti-Money Laundering, NACHA, etc.)
- Exposure to laws and regulations in the fintech, payments, and banking industries
- PC literacy and experience using office web applications (e.g. Microsoft Office)
- Experience reviewing and/or managing information technology agreements for software licensing, software-as-a-service, and technical services.
- Skills with risk and compliance-related activities such as data tracking and analysis; collaborative communications and follow-up; project-planning; and report-writing
- Knowledge of risk management concepts
- Analytical skills for assessing impact and likelihood and quantifying and qualifying risk levels.
- Excellent organizational, interpersonal, communication, and presentation skills
Benefits for You:
Infinicept believes that all team members play an important role in our company’s success. That is why we strive to provide you with a competitive and comprehensive benefit program. We offer:
- Competitive salary range: $75,000-$95,000 annually
- Flexible vacation policy
- 15 paid company holidays per year
- Comprehensive health, dental, and vision benefits
- 401(k) with company match
- Flexible work from home policy
- Dog-friendly office
- Efficient in-office gym
- A progressive, passionate work environment
- An amazing team dedicated to both the company’s mission and your success!
Infinicept Core Values:
- Do the Right Thing
- Be Excellent (but perfect is impossible)
- Have Integrity
- Act Like an Adult
- Eat and Drink Well
Work remotely or in a typical office environment with other staff speaking on phones or engaging in limited team conversation. The role will involve long periods of stationary work and frequent use of computers and other hardware. Physical efforts to carry out job duties may include some standing, bending, lifting, limited stretching, and reaching.
As part of our dedication to maintaining an inclusive and diverse workforce, Infinicept provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, or genetics. In addition to federal law requirements, Infinicept complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
*We are interested in every qualified candidate who is eligible to work in the United States. However, we are not able to sponsor visas.
**No external recruiters or agents, please.