Director of Information Security & Compliance
NYC
About Norm Ai
Norm Ai automates compliance processes to make them more efficient, cost-effective, and accurate while ensuring democratic guardrails for AI in autonomous roles. By converting complex regulations into intelligent AI programs, we enable teams to operate with unprecedented speed and precision.
We also aim to enable the integration of AI agents into daily life, ensuring that AI-driven business processes adhere to legal and societal norms through adoption of our Regulatory AI agents as oversight. At Norm Ai, we're committed to aligning AI with public policy, reflecting our society's collective will, and ushering in a new era of regulatory intelligence and societal-AI alignment.
In the past 12 months, we’ve raised more than $38 million from top VCs and global institutions.
You can find our Vision here: https://www.norm.ai/post/building-regulatory-ai-agents.
This Role
As Director of Information Security you will be responsible for ensuring that Norm Ai is continuing to adhere to the highest enterprise standards and maintaining a robust information security profile to protect our client data and systems. You will own our SOC 2 Type 2 process and internal policies and procedures, as well as all associated activities such as BC/DR drills, Penetration Testing and more. You will ensure that the Norm Ai team has an Information Security-focused mindset through internal education and enablement.
You will own our internal data management policy and client contractual requirements relating to information security. You will establish processes and procedures to ensure that we continue to comply with our contractual obligations, including client reporting.
You will engage with our engineering team as needed regarding client inquiries and in order to ensure that our systems and configurations are aligned with all client requirements. You will source and implement information security systems in collaboration with our engineering team. You will meet with clients on a regular basis as part of enterprise architecture reviews and sales discussions, will field any questions they may have about Norm Ai, and will help them accelerate their work to close deals through high levels of responsiveness. You will create assets and marketing collateral describing our information security framework.
30 days: You have gotten fully up to speed regarding all of our information security practices and existing framework. You have reviewed all of our existing policies and procedures. You have taken ownership of our existing Information Security platforms.
60 days: You have a deep understanding of our architecture. You require no assistance in order to successfully complete an information security questionnaire. You have made concrete suggestions for areas to push our Information Security posture forward.
90 days: You are independently running our information security program. You are able to take client calls regarding Norm Ai information security and architecture independently.
- Highly motivated and proactive. Look for any and all opportunities to improve our Information Security posture.
- Excellent communicator. Capable of engaging company employees in an efficient manner and effectively navigating stakeholder discussions.
- Discretion and credibility. Know when something is important enough to push on, with the ability to make the case for your ask in an evidence-based and effective way. Knowing when something
- Organized and effective. Be comfortable with leading our Information Security framework as an IC, handling both strategic and in the weeds tasks alike.
Skills & Experience - Core
- 5-7+ years of work experience.
- Experience leading SOC 2 Type 2 or related certification, audit, or attestation processes.
- Experience drafting and promulgating internal information security policies.
- Experience leading educational programs to build information security awareness.
- Experience with SaaS and AI software.
- Technical enough to have a deep and in-the-weeds discussion with an engineer that will allow them to instantly understand your point of view.
Skills & Experience - Pluses
- Prior engineering experience.
- Experience with enterprise architecture (SSO, Private Clouds, VPN Whitelisting).
- Experience with HIPAA.
- Experience with FedRAMP.
Perks/benefits: Team events
Region: North America
Country: United States