Named by Fast Company in its Top 10 Most Innovative FinTech Companies, Halo Investing is the first independent, multi-issuer platform for defined outcome investing. Halo Investing gives financial advisors, wealth managers and RIA’s access to structured notes, buffered ETFs, and annuities. By delivering the best pricing and execution to the clients it serves, Halo is changing the world of investing by democratizing the protective investment marketplace.
In October 2021, Halo announced that it raised over US$ 100 million in Series C funding. The latest fundraising round was led by Owl Capital and included the Mubadala-backed US $1 billion fund managed by Abu Dhabi Catalyst Partners, in addition to existing investors Allianz Life Ventures and William Blair.
Halo is based in Chicago, with offices in Zurich, Abu Dhabi, and Singapore. We’ve balanced tremendous growth with strong company culture to create a uniquely motivated, dynamic, and proactive team. Above all, we value collaboration, communication, and passion!
About the Role:
We are looking for a Senior Information Security Engineer who’s passionate about Enterprise security! In this role, you'll report directly to the CISO and play an integral role in defining and executing security strategies to protect sensitive company and customer data. You will work alongside groups within the business and product engineering to design and implement processes, solutions and training that reduce the threat from internal and external sources. A successful candidate will be able to assess and identify security risks, communicate/document and implement security best practices. They will be able to provide consultation on security best practices for internal and customer facing projects and will develop, implement and maintain security programs for the enterprise. The ability to learn quickly and then execute is vital to this candidate’s success.
- Help define & drive strategy for security engineering team.
- Design improvements to the security architecture around our production environment, applying the principle of least privilege to improve our identity and access management for customers, users and applications.
- Act as the lead in our response to security incidents - help triage and alleviate incidents.
- Work hand-in-hand with our product engineering team to ensure we build our products securely.
- Create secure code champion functionality through the organization to help promote secure, clean and maintainable code that adheres to industry best practices.
- Assess the security of planned features and applications as well as our core infrastructure, partnering with the relevant teams to identify and mitigate risks prior to release.
- Perform routine security audits and assessments in support of ISO-27001, SOC 2, and as part of our security plan.
- Develop, deliver, and participate in social engineering exercises.
- Automate security initiatives.
- Help manage SAST/DAST activities.
- Deliver focused security training on best practices.
- Provide guidance and technical mentorship for junior resources to help them grow and do the best work of their careers.
- Help attract top level talent and lead the technical direction of the team.
Required Education and Experience:
- Bachelor’s degree in Computer Science or Information Systems.
- 5+ years experience securing network and perimeter infrastructures.
- 5+ years experience with identity and access management (OKTA, Auth0, SAML, IAM, etc.)
- Network+, Security+, CISSP or any accredited security certification. If you do not have the CISSP, then must be willing to obtain it within 15 months of joining Halo Investing.
- 5+ years of full-stack development experience.
- Experience with data loss prevention products.
- Experience working with and securing endpoints.
- Experience with major IaaS/PaaS providers (AWS, Azure, GCP).
- Knowledge of industry standard security framework, technologies, protocols, and best practices including but not limited to NIST, ISO/IEC, SOC 2, and OWASP.
- Knowledge of data privacy laws including but not limited to GDPR and CCPA.
- Understanding of database functionality and security.
- Familiarity with programming languages (Python, Java, etc.) and automation of system tasks.
- Familiarity with Agile practices.
- Experience in communicating and leading discussions regarding technical solutions or problems to varying levels of the organization.
- Experience developing and maintaining strong relationships.
- Ability to think creatively to solve problems and continuously improve.
- Competitive Compensation
- Comprehensive Medical and Dental
- 401k Program
- Unlimited PTO
- Paid Parental Leave
- Flexible Hybrid WFH Environment
- Fun & Exciting work environment, including free snacks and onsite pop-a-shot
- Flexible and highly collaborative work environment
Halo Values Diversity and Inclusion. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristics protected by federal, state, or local laws, regulations, or ordinances. If you need assistance or accommodation due to disability or special need when applying for a role or during our recruitment process, please contact us at: firstname.lastname@example.org