
Director of Information Security



10d ago

  • Job
    Senior Level
  • IT & Cybersecurity
  • $170K - $190K
  • New York City


  • Excellent communication skills and the ability to work collaboratively and respectfully with other functions.
  • Extensive experience in at least two technical operations or engineering disciplines, whether that be network, infrastructure, cloud, data platforms, or software engineering.
  • A business-centric approach to risk management and risk tradeoffs that allow the continuous evolution of our security and compliance posture to support organization-wide commercial objectives.
  • A focus on generating meaningful results in a matrix organizational model.
  • The ability to establish rapport and trust with key stakeholders at all levels of the organization from individual software developers to executive leadership.
  • Extensive and demonstrable experience in information security, cyber security, data protection, disaster readiness, risk management, and security operations.
  • A passion for continuous learning and awareness of new capabilities and solutions that support secure systems delivery.
  • 5+ years of technology delivery experience with a focus on infrastructure, application development, data engineering, or security operations.


  • Play a leading role in establishing Secure by Design principles across the company-wide SDLC enterprise.
  • Manage relationships with applicable contracted third parties and key security operations suppliers to ensure continuous monitoring and visibility of Novata's security posture.
  • Work closely with key stakeholders including executive leadership, product engineering, product management, information technology, people team, and legal group.
  • Identify opportunities and implement best practices to continuously improve our security posture and readiness to respond to security threats.
  • You will play a key role in maintaining and enhancing our security program readiness in support of both SOC 2 and ISO 27001 certification standards.
  • Identify and clearly define risk items, issues, and incident responses, including root cause analysis and improvement.
  • Review and evaluate the adequacy of internal controls and compliance with IT security policies and procedures.
  • Develop and review policies, controls, and standards where appropriate.
  • Develop and monitor the Information Security audit and compliance schedule.
  • Lead risk management process for vendors and technology partners to ensure alignment with the security obligations of our customers.
  • Assist with customer inquiries and contract definitions related to security and data privacy obligations.
  • Assist with customer RFP, RFI, and bid package clarifications related to Cyber Security tooling and commitments being made by Novata.

An ESG platform built to empower private companies and investors to collect, analyze, benchmark & report relevant data.

Founded Year

Mission & Purpose

Novata is a public benefit corporation created by a unique consortium of The Ford Foundation, Omidyar Network, S&P Global and Hamilton Lane - global leaders in social justice, financial data, and private markets. Our mission is to empower the private markets to achieve a more sustainable and inclusive form of capitalism. We’re building a platform to address the private markets' critical and immediate need for simple, yet powerful tools to reduce the burden of collecting, managing, and benchmarking ESG data.

Culture & Values

  • Integrity

    Novata abides by the highest ethical standards of professionalism and human decency.

  • Togetherness

    Novata is the sum of all its parts: every individual is celebrated for who they are.

  • Longevity

    Novata is a company built to last—its purpose is to serve the long-term mission of creating a more inclusive form of capitalism, where value and success are more than just commercial.

  • Agility

    Novata fosters the courage to change and works cohesively to implement it.


  • Access to comprehensive health plan coverage that is available to our people and their dependants

  • Contribution towards our employees’ retirement planning

  • Financial protection benefits

  • Generous family friendly leave policies that promote and prioritize employees’ well-being

  • Geographically distributed, hybrid and remote workforce

  • A connected team culture which promotes social well-being