Information Security Officer at Octus

Offer summary

Qualifications:

Bachelor's degree in Information Security, Computer Science, or related field, or equivalent experience., 5+ years of experience in information security, focusing on compliance, vulnerability management, or security assessment., Strong knowledge of security frameworks and standards such as SOC, NIST, and ISO 27001., Excellent analytical, problem-solving, and communication skills..

Key responsibilities:

Support SOC program attestation processes and coordinate internal testing with auditors.

Lead compliance program planning and establish necessary controls and processes.

Coordinate vulnerability scanning and remediation efforts across applications and infrastructure.

Develop and conduct security awareness training for staff and maintain security documentation.

Job description

Octus

Octus is a leading global provider of credit intelligence, data, and analytics. Since 2013, tens of thousands of professionals across hedge fund, investment banking, management consulting, and law firm verticals have come to rely on Octus to make better, faster, and more confident decisions in pace with the fast-moving credit markets.
For more information, visit: https://octus.com/

Working at Octus

Octus hires growth-minded innovators and trailblazers across the globe to drive our business and culture. Our core values – Action Oriented, Customer First Mindset, Effective Team Players, and Driven to Excel – define an organizational ethos that’s as high-performing as it is human. Among other perks, Octus employees enjoy competitive health benefits, matched 401k and pension plans, PTO, generous parental leave, gym subsidies, educational reimbursements for career development, recognition programs, pet-friendly offices (US only), and much more.

Role

Role Overview:

We are seeking a senior Cybersecurity professional to support our business, which provides multiple SaaS products of varying compliance complexity. This critical role involves serving as a security generalist for a subset of products and helping to maintain and enhance the security posture of those products. The ideal candidate will have experience with compliance programs, vulnerability management, and the security assessment processes.

Responsibilities:

Compliance and Attestation Support:

Support SOC program attestation processes, including gathering evidence, coordinating internal testing, and working with auditors.
Lead planning and preparation for compliance programs, establishing necessary controls and processes.
Respond to due diligence questionnaires (DDQs) and security assessments from clients and partners.

Vulnerability Management:

Coordinate vulnerability scanning, assessment, and remediation across applications and infrastructure.
Work with development and IT teams to ensure timely mitigation of identified security issues.
Track and report on vulnerability metrics and remediation progress.

Security Awareness and Training:

Develop and maintain security awareness materials and training programs.
Conduct security awareness sessions for technical and non-technical staff.
Promote a culture of security across the organization.

Security Documentation and Policies:

Develop, maintain, and review security policies, standards, and procedures.
Ensure documentation aligns with industry best practices and compliance requirements.
Support the development of security-related process documentation.

Incident Response:

Participate in security incident detection, response, and recovery activities.
Assist in post-incident reviews and the implementation of lessons learned.
Help maintain and test incident response procedures.

Requirements:

Bachelor's degree in Information Security, Computer Science, or related field, or equivalent experience.
5+ years of experience in information security, with focus on compliance, vulnerability management, or security assessment.
Strong knowledge of security frameworks and standards (e.g., SOC, NIST, ISO 27001).
Experience working with SOC programs and their attestation process.
Experience with due diligence processes and security questionnaire responses.
Understanding of common web application security vulnerabilities and mitigation strategies.
Familiarity with vulnerability scanning tools and vulnerability management processes.
Experience working with SaaS environments and cloud security principles.
Strong analytical, problem-solving, and communication skills.
Ability to work effectively with technical and non-technical stakeholders.

At Octus, we consider a range of factors in connection with compensation decisions, including experience, skills, location, and our business needs and limitations. As a result, compensation may vary within and across similar roles and positions. Please note that the salary range information below is a good faith estimate for this position and actual compensation for any individual may fall outside this range if warranted by the circumstances applicable to that individual. If we identify a role that would be suitable for a broader range of skills and experience such that we would consider hiring at multiple levels then the range listed below may reflect that breadth.

The salary range estimate for this position is $170,000 - $190,000.

The actual compensation will be at Octus’ sole discretion and will be determined by the aforementioned and other relevant factors. This position is eligible for a performance-based annual bonus.

Equal Employment Opportunity

Octus is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, pregnancy, veteran status, or any other legally protected status. We strive to create an inclusive and diverse work environment where all individuals are valued, respected, and treated fairly. We believe that diversity enriches our workplace and enhances our ability to innovate and succeed.

Required profile