Business Assurance Security Manager

Envestnet is seeking a passionate and talented Business Assurance Security Manager to join our Cybersecurity team. This is a hybrid role, with in-office work required at either our Raleigh, NC or Berwyn, PA office location.

Envestnet is transforming the way financial advice and wellness are delivered. Our mission is to empower advisors and financial service providers with innovative technology, solutions, and intelligence to make financial wellness a reality for everyone.

Since our founding 20 years ago, we are fully vested in helping people live an intelligent financial life. If you love the idea of working in a Fintech company with the environment and excitement of a start-up where you are making everyday impact - then read on. 

Job Summary:

The Business Assurance Security Manager ensures compliance with programs and processes to mitigate cybersecurity risk. BA Security Manager is responsible for the communication and completion of all security questions and security audits including the management of Third-Party risk data accumulation from our clients and business partners across the organization.

Job Responsibilities:

• Responsible for the coordination and ownership of all tickets coming into the client assurance portal through the Client Assurance Ticketing System and managing the SLAs and completion of all requests. This may include performing or managing audit requests or acting as a secondary resource for the team.
  
• Responsible for assuring that all activities are properly documented, all tickets are communicated professionally and clearly, and that all documentation is organized efficiently and effectively.
  
• Responsible for developing and documenting the process used by the client assurance team and managing the adherence to it; develops new processes or modifies existing processes to remain in line with our customers' needs as requirements change
  
• Serve as mentor for the day-to-day activities of the current Client Assurance support resources including all members of the Service Management and Security Analyst function in the US and India.
  
• Provide metrics and performance indicators on client assurance activities and assessment results.
  
• Work with other organizations which we require to successfully complete third part audits including, but not limited to – HR, Compliance, Legal, Sales and Engineering (across Business Units) to make sure the team has the latest information necessary for success while minimizing findings.
  
• Development and maintenance of aggregated metrics for the cyber security program
  
• Providing regular reports and updates to senior management on client assurance activities and outcomes.
  
• Responsible for ensuring the timely, responses, coordination and management of all client audits while minimizing audit issues or findings.
  
• Accountable for validating all external communications to clients and developing and managing internal communication for all aspects of the function.
  
• Own the tooling and management of process related to Jira, Loopio and any other reporting or Audit tools, both in making sure they are configured to suit our needs but are continuously being improved for the overall Information security function.
  
• Responsible for satisfying the compliance requirement of continuous self-education by conducting trainings for new hires and the Enterprise security team.
  
• Familiar with using and implementing GRC tools for audits and evidence management such as Archer
  
• Adherence to and application of Envestnet legal, compliance, risk, business continuity and administrative policy within the role and department(s) including the timely completion of training & awareness, affirmations and testing as requested. 
  
• As part of the responsibilities for this role, you will understand and readily support Envestnet's established corporate business practices, policies, internal controls and procedures designed to create value or minimize risk
  

Required Qualifications:

• A bachelor's degree in computer science, information technology, cybersecurity, or a related field is preferred.
  
• 5+ years field experience in a client services function handling complex requests and complex audit response.
  
• A strong understanding of cybersecurity principles, concepts, and best practices.
  
• Understand risk assessment methodologies, compliance frameworks (such as NIST, CACI, GDPR, SOC2, and PCI DSS service providers. Candidate should have a clear and in-depth understanding of the architecture, security controls, and deployment models of these platforms.
  

About Us:

Envestnet is a leading independent provider of technology‐enabled investment and practice management solutions to financial advisors who are independent, as well as those who are associated with small or mid‐sized financial advisory firms and larger financial institutions. Envestnet's technology is focused on addressing financial advisors' front, middle, and back‐office needs while leveraging our platform to grow their businesses and expand client relationships.

We offer a highly competitive compensation and benefits package as well as the excitement, challenges, and rewards of a fast-growing, entrepreneurial company.

Why Choose Envestnet:

• Be a member of a leading financial services and products innovation company
  
• Competitive Compensation/Total Reward Packages that include:
  
  • Health Benefits (Health/Dental/Vision)
    
  • Paid Time Off (PTO) & Volunteer Time Off (VTO)
    
  • 401K – Company Match
    
  • Annual Bonus Incentives
    
  • Parental Stipend
    
  • Tuition Reimbursement
    
  • Student Debt Program
    
  • Charitable match
    
  • Wellness Program
• Work on global projects with diverse, energetic, team members who respect each other and celebrate differences
  

Envestnet is an Equal Opportunity Employer.

#LI-AQ1