Information Security Analyst (IAM)

Salt Lake City
Risk Management
Full-time
Varo is on a mission to redefine banking so it's easy for everyone to make smart choices with their money. Our app offers bank accounts and high-yield savings accounts that don’t cost a thing, tools to help you manage your money and save automatically, and invitation-only personal loans at competitive rates. On the contrary, traditional banks charge fees, offer next-to-nothing savings rates, and don’t work with their customer’s best interests in mind.

Varo is distinct from other fintechs: With preliminary approval for a bank charter from the Office of the Comptroller of the Currency (OCC), we're on our way to becoming the first mobile-centric national bank in the country. Our unique team combines the best people in tech and banking, and we’re wildly passionate about keeping our customers happy by helping them manage and grow their money. Based in San Francisco and privately held, Varo has raised $178M to date, led by Warburg Pincus and The Rise Fund / TPG Growth.

The Information Security Analyst (IAM) position is a very important role in our Information Security team at Varo and will report to the Chief Information Security Officer (CISO). This role will be responsible for identity & access management (IAM) framework and certification functions. 

AS INFORMATION SECURITY ANALYST (IAM), YOU WILL

    • Maintain an IAM governance, certification program to support business and information security requirements for Varo Money and Varo Bank environments.
    • Analyze current state and develop future state IAM maturity model covering a broad range of topics including digital identities of workforce as well as scaling for growing customer\partner base that will meet\exceed regulatory expectations. 
    • Collaborate\partner with cross functional teams in all business units and stakeholders to identify\recommend\test IAM, Privileged Access Management (PAM), Cloud Access IAM technologies, and processes as needed.
    • Ensure strong authentication, authorization, role based access controls (RBAC) are implemented in existing\new applications\products, including mobile devices.
    • Utilize IAM, PAM solutions and\or other processes in developing identity & access governance certification metrics, dashboards.
    • Assist the CISO in management of all other security program areas, and functions. 
    • Support data governance and data classification programs. 

PREVIOUS EXPERIENCES THAT'LL HELP YOU BE GREAT

    • 1 - 3 years of information security experience with specialization in IAM;
    • Implementing and reporting on IAM\PAM governance & certification program; working knowledge of IAM framework, controls required for FFIEC Cybersecurity Assessment Tool, and PCI DSS compliance. 
    • B.S. in Cyber Security or Computer Science, Information Systems related majors
    • Security certifications desirable (e.g. CISSP-ISSMP, CISM, CGEIT, CCSP and\or other comparable certifications in IAM domain) 
    • IAM\PAM\RBAC\CASB\Single Sign On\Multi Factor Authentication\Federation\AWS IAM knowledge and experience, 
    • Experience of demonstrating maturity in IAM governance & certification that will meet requirements
    • Experience reporting\presenting to the senior management on the status of IAM\PAM governance, certification efforts.

    • THE THREE SKILLS THAT MATTER MOST
      Nobody can be great at everything, but we’re looking for candidates who are extraordinary at:
    • Passion for proactive & sustainable security\compliance that protects Varo assets, reputation & also enables the business;
    • Ability to communicate\collaborate effectively with team members, internal customers, senior management and the board; and
    • Knowledge of banking laws, regulations, and regulatory guidance that will be applicable to Varo now and when it opens the bank.

OTHER NICE TO HAVES

    • A high level of cyber professional integrity, intellectual curiosity
    • Passion for and dedication to mastering the details of any project
    • Experience managing multiple projects in a fast-paced, high volume environment
    • Tenacity, resiliency, can do attitude and game for any task
    • Able to adapt to quick changes in direction
    • Demonstrates a strong sense of ownership and positive attitude