Information Security Risk Analyst II

At Acorns, our mission is to look after the financial best interests of the up-and-coming, beginning with the empowering, proud step of micro-investing. How do we accomplish our mission? Our values.

Lead With Heart - With compassion, integrity, and tenacity, inspire yourself and others to move past all previous thresholds of possibility

Make Bold Decisions - We are creating a new world. Be optimistic, adventurous, and courageous. Leap fearlessly into the future

Always Build Trust - Say what you mean, mean what you say, and do what you say you’re going to do. We are all owners. We are one team

Never Stop Growing - Change IS the constant. Stay hungry and curious. Be relentless in the pursuit of progress

Find a way - Never settle, no excuses, nothing is impossible. Just make it happen

Our values guide us, and our mission drives us. Come join us and help deliver financial wellness for the whole family, putting the tools of wealth-making into everyone’s hands.

_______________________________________________________________________

Information Security Risk Analyst II | Acorns

Acorns is seeking an Information Security Risk Analyst II tasked with identifying, assessing, and managing security risks. This role requires expertise in cybersecurity, risk management, and regulatory compliance, coupled with a strong grasp of financial products. The ideal candidate will take ownership of risks and collaborate effectively with stakeholders across all levels of the organization.

Acorns is a remote-first organization, offering the flexibility to work remotely while providing optional access to office space in Irvine, CA.

What you will do at Acorns:

• Risk Assessment and Analysis:

  • Conduct comprehensive risk assessments to identify vulnerabilities and potential threats.

  • Analyze and prioritize risks based on Acorns' business context, impact, and likelihood. Provide actionable recommendations for risk mitigation.

• Policy Development:

  • Develop, implement, and maintain security policies and procedures in line with industry standards

• Compliance and Audits

  • Understand audit expectations and controls, and manage the independent audit engagements for Acorns.

  • Support compliance activities for relevant regulations and frameworks, including GLBA, FINRA WSP, and Reg S-P.

• Identity and Access Management

  • Manage Identity and Access Governance.

  • Conduct quarterly access reviews and periodic role certification by system owners

• Vendor Risk Management

  • Conduct Vendor risk assessments and manage third-party risks

  • Perform annual vendor reviews

• Training and Awareness:

  • Develop and deliver training programs to enhance security awareness among employees.

  • Foster a culture of security within the organization.

• Collaboration and Communication:

  • Communicate risk assessment findings and recommendations to stakeholders and senior management in a manner that is consistent with Acorns’ business context.

  • Demonstrate ownership of risks that includes communicating the business impact, performing risk assessment, prioritizing the risk, getting consensus with stakeholders, managing remediation/acceptance, and tracking over time.

What you will bring to Acorns:

• Minimum of 4 years of experience in the Information Security / GRC domain.

• Strong understanding of security frameworks, risk management methodologies, and compliance standards.

• Sound analytical, problem-solving, and decision-making skills.

• Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical, non-technical, and management stakeholders.

• Hands-on experience with Security tools and Scripting will be a key differentiator.

• Hunger to deliver game-changing products

• Exceptional drive and precision in delivery

• A belief that your work is tied to your life's mission

• Optimistic about the potential of societal change

You are not expected to have experience with all listed requirements. If you feel passionate about Acorns' mission, vision, and values, please apply.

What we offer:

• Competitive salary and stock options

• A comprehensive benefits package for you and your family

• Flexible work location, hours, and paid time off

• 401(k) matching

• Monthly Acorns account contribution & GoHenry account for your family

• Mindfulness and Financial Wellness resources, Headspace and Addition Wealth

• Acorns Career Development Program (Ongoing training sessions, development plans, development check-ins, Cornerstone’s online training platform)

• Roots Leadership Program for Emerging Leaders

• Community week onsite gatherings and various virtual events

• Talented and motivated team members who care deeply about one another, our mission, and our customers.

• The rare opportunity to create a new world. We inspire one another every day to do meaningful work that solves big societal challenges.

About Acorns:

Acorns is a financial wellness app that helps everyday people and families save and invest money for the long term. Since 2014, Acorns has grown into a global company with multiple life-stage products serving the needs of kids, teens, adults, and parents. Named one of Time’s “World’s Best Brands of 2024,” Acorns has helped over 14 million people save & invest over $25 billion dollars, much of it from spare change and small amounts.

Compensation Information:

The pay range for this position at commencement of employment is expected to be between $121,000 and $140,000/year; however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements, including a sign-on bonus, equity grants, and discretionary cash bonus awards in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as vacation, sick time, and parental leave), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

If hired, the employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Work Authorization:

Acorns participates in E-Verify to confirm the employment eligibility of all newly hired employees. For more information about E-Verify, please visit www.e-verify.gov