Senior Manager, Information Security

We are seeking a relationship-oriented Sr Manager of Governance, Risk, and Compliance (GRC) to join the InfoSec team. This individual will lead security functions related to governance, compliance, risk management, and customer/prospect security due diligence across Arcadia’s multi-faceted product portfolio. The ideal candidate is an experienced leader that is eager to collaborate across the entire company, prioritizes organization, is experienced in the GRC or related domains, a champion for inclusive culture, and well-aligned with Arcadia’s values and mission of innovating with energy utility data.

Arcadia is open to fully remote candidates who are based in the US and employees have access to co-working spaces.

#LI-REMOTE

What you’ll do:

• Ensure Arcadia’s successful annual delivery of SOC 2 Type 2 reports along with any additional security-related industrial or regulatory compliance frameworks we adopt in the future (e.g., ISO 27001).
• Work closely with Arcadia’s Commercial and Legal teams to serve as an InfoSec contact for enterprise customer/prospect due diligence and contract negotiations.
• Develop, coordinate, and drive strategies to advance Arcadia’s risk management maturity, including risk assessments, tracking risks, issues/exceptions/remediation management, and third-party risk management.
• Oversee the strategic improvement and operation of the following processes: identity and access governance, policy management, disaster recovery, business continuity, physical security, personnel security, and employee security awareness.
• Lead and support a small but experienced and impactful global GRC team.

What will help you succeed:

Must-haves:

• Four years of experience leading InfoSec or Engineering teams.
• Four years of experience with AWS services and architectures.
• Experience with industrial or regulatory frameworks such as SOC 2, ISO 27001, GDPR, and NIST CSF.
• InfoSec GRC experience or material insights.
• A human-centric orientation to security challenges and solutions.
• Experience delivering results on projects that cross organizational boundaries and diverse stakeholder interests.
• A commitment to transparency and documentation.
• Familiarity with workforce IT operations and challenges.

Nice-to-haves:

• Operational experience maintaining, optimizing, and governing processes or systems across multiple years.
• A pragmatic and iterative approach to continuous improvement.
• An ability to deftly pivot between detail orientation and strategic analysis.
• Enthusiasm to satisfy industrial norms but also seek non-traditional solutions.
• Experience managing incident response or other similar urgent and highly visible efforts.

Benefits:

• “Remote first” culture – work anywhere in the US as long as you have a reliable internet connection
• Flexible PTO – no accrued hours and no limit on the number of vacation days exempt employees can take each year
• 17 annual company-wide holidays including a week-long “summer break”
• 10 days sick leave
• Up to 4 weeks bereavement leave
• 2 volunteer days off
• 2 professional development days off
• 12 weeks paid parental leave for all parents
• 80-95% employer cost coverage for medical, dental, and vision benefits for employees and dependents