Sandbox Banking is looking for an exceptional security program manager who wants to help accelerate banking innovation across the world! We are a remote team with employees across the US.
Successful candidates will be excited to maintain and improve every aspect of our SaaS company’s security posture! Deep understanding of organizational/human behavior, policy design, employee training, third-party audit processes, cloud architecture, software engineering, customer due diligence, red-team penetration testing, and vulnerability discovery/remediation program management will be required. The individual will be considered a member of the Sandbox Banking leadership team, and their input will significantly influence product and technology strategy.
Security is never an afterthought for us. Our bank customers trust us to connect their most sensitive data sources – we’ve always treated the safeguarding of their systems/data as both a business necessity and ethical responsibility.
Successful candidates will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex challenges, and continuously communicate with all members of the business to achieve security objectives. Sandbox is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Product

We provide a low-code integration builder called Glyue for banks and fintechs to quickly connect their systems. US regional/community banks and credit unions are looking to overhaul the digital experiences they deliver to customers. Increasingly, they solve this challenge by sourcing software from fintech companies that specialize in building and operating financial services software. Unfortunately, distributing new software to FIs has historically been a long and painful process because of data security and system integration hurdles.
Sandbox empowers FIs and fintech vendors to quickly and safely build new integrations – our Glyue application lets anyone who can use Excel formulas connect banking systems. Furthermore, the platform’s fine-grained authentication and permissions model provides FIs with strict control over which people/software can access particular banking data and operations.
FIs and fintechs love the platform. FIs are able to quickly and cost-effectively leverage cutting-edge solutions without compromising on integration; fintechs don’t need to spend time and money on activities outside of core product development and distribution.
Why Work at Sandbox?

- Small team of just over 30 full-time employees – you will own problems from start to finish and meaningfully impact company outcomes
- Teammates who are smart, curious, and driven to succeed. You will always be learning
- Your ideas and opinions about the product will matter. Everyone in our company contributes to our product roadmap
- You’ll use a variety of technologies across our entire software stack
- Remote-first organization that provides geographic flexibility (although all employees must live in the US)
- 70+ bank and credit union clients
- $5.35MM of venture capital raised in 2022
- Top-tier investors like Y Combinator
- Competitive salary and stock option compensation
- Your work will transform an entire industry
Responsibilities

Our security program manager will need to perform a variety of tasks to help maintain the security posture and requirements of Sandbox Banking:

- Work closely with the CTO, architects, engineers, and system administrators to ensure security is maintained as new functionality is delivered
- Design and implement standards, policies, guidelines and appropriate architectural principles to ensure the firm’s cyber security goals continue to be met
- Provide risk-based direction in conjunction with IT teams for future system enhancements in line with the overall firm’s strategy
- Recognize potential opportunities to enhance the firm’s security and help deliver the necessary changes to realize such gains
- Provide security subject matter expertise to support relationships with partners, customers, and vendors
- Ensure systems and their information handling comply with current and (to the extent they’re predictable) future requirements
- Ensure Sandbox Banking runs effective data classification processes
- Ensure Sandbox Banking runs effective data retention processes
- Ensure governance, policy and procedures in relation to information security meet agreed standards within the company
- Appropriately scope and manage penetration testing of company infrastructure, products, services, and processes
- Scope and implement appropriate vulnerability discovery technologies and processes
- Project manage and complete annual internal security audit
- Project manage and complete annual SOC 2 Type 2 audit
- Project manage and complete quarterly access reviews
- Maintain sufficiently updated standard vendor due diligence packets for partners and customers
- Handle bespoke vendor due diligence requests from partners and customers
- Provide security-related feedback and suggestions to help harden the company’s products and services
- Scope, design/source, and ensure the delivery of appropriate security training for Sandbox Banking personnel
- Refine and test the company’s incident reporting and breach management policies
- Execute the company’s incident reporting and breach management procedures as necessary. This would require oversight and guidance during security incidents and investigations. It would include root cause analysis, communication with appropriate internal and external parties, and deriving appropriate learnings to be utilized for strengthening the company’s security posture
- Provide quality reporting to summarize security posture details and security testing outcomes. Reports will include objectives, planning, methodology, results, analysis and recommendations to both technical and non-technical audiences
- Extend system development life cycle (SDLC) and enforce SDLC compliance to maintain and enhance security
- Selectively perform security code reviews of product changes
- Selectively perform security reviews of infrastructure and network changes
- Selectively perform security reviews of integration logic changes
- Perform initial and ongoing security reviews of (sometimes prospective) company vendors and providers
- Continuously update the candidate’s own knowledge of security trends, developments, and best practices
- Continuously nurture the company’s cultural focus on security
Compensation

Salary will be competitive for our stage of company, and the role includes a stock option package that provides significant upside. It’s important to us that our early employees win if the company succeeds.