Sr. Information Security Analyst
ValonSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
FintechIndustries
Requirements
- Experience in hands-on leadership elevating security practices to metrics-driven, cross-functional programs
- Expertise with information security platforms (e.g., CrowdStrike, Security Hub, GuardDuty, Vanta, DataGrail, Snyk)
- Ability to implement, configure, and operationalize security platforms
- Knowledge of AWS cloud environments and Terraform-managed infrastructure
- Familiarity with security frameworks (SOC 2 Type 2, PCI DSS 4.0) and compliance obligations
- Skills in risk identification, evaluation, documentation, and treatment planning
- Proficiency in access controls, logging, backups, NG SIEM, and detection pipelines
- Experience leading AI/ML experimentation for security triage, anomaly detection, and risk prediction
- Ability to build data-driven security metrics, KPIs, and executive dashboards
- Strong collaboration skills with engineering, DevOps, Infrastructure, and executive stakeholders
Responsibilities
- Own implementation, configuration, and operationalization of information security platforms (e.g., CrowdStrike, Security Hub, GuardDuty, Vanta, DataGrail)
- Ensure correct configuration and deployment of tools like CrowdStrike in partnership with Information Security Engineer
- Lead monitoring, tuning, and stakeholder engagement for suspicious findings or alerts, with clear triage and response workflows
- Oversee security posture for access controls, logging, and backups, ensuring data ingestion into detection pipelines
- Track tooling effectiveness, improve alert fidelity, and eliminate coverage gaps
- Evaluate AI opportunities within tools (e.g., CrowdStrike, Vanta, Snyk) and recommend new AI-aligned platforms
- Lead AI/ML pilots for security signal triage, anomaly detection, and risk prediction
- Identify, evaluate, and document security risks across infrastructure, applications, and third-party services
- Develop and maintain risk treatment plans, balancing mitigation, acceptance, and investments
- Partner with VP of Information Security on top risks, executive dashboards, and control alignment
- Ensure AWS/Terraform environments meet security best practices and compliance
- Partner with Infrastructure, DevOps, and DevX to remediate governance and control gaps
- Drive alignment on security configurations, automation guardrails, and baseline controls
- Own security control operations for SOC 2 Type 2, PCI DSS 4.0, and privacy obligations, including evidence and audit support
- Maintain ownership of control domains (logging, monitoring, asset management, backups, encryption, vendor risk)
- Build repeatable, data-driven security metrics and KPIs at all levels
- Implement tools/workflows for automated data gathering, reporting, and visualization
- Use metrics for risk decisions, transparency, and budget justification
- Contribute to company-wide AI metrics with security-specific benchmarks and outcomes
- Support incident response
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What is the salary for the Senior Information Security Manager position?
This information is not specified in the job description.
Is this a remote position or is there a required location?
This information is not specified in the job description.
What key skills and experiences are required for this role?
The role requires hands-on leadership in information security platforms like CrowdStrike, Vanta, and Snyk, expertise in AWS cloud security with Terraform, risk management including identification and treatment plans, and experience leveraging AI/ML for security efficiency and anomaly detection.
What is the company culture like at AffiniPay?
AffiniPay is a fast-growing fintech company recognized as one of Inc. 5000’s fastest growing companies for 13 years, with expanding teams focused on modernizing security practices into an integrated, metrics-driven program as part of their company-wide AI adoption and Value Creation Plan.
What makes a strong candidate for this Senior Information Security Manager role?
A strong candidate thrives in hands-on leadership, has experience modernizing security with AI-enabled platforms like CrowdStrike and Vanta, excels in risk management and cross-functional collaboration, and can drive AI experimentation to improve security efficiency in AWS environments.
AffiniPay
Payment processing solutions for professionals
About AffiniPay
AffiniPay provides payment solutions specifically designed for professionals in various industries, including legal, accounting, design, and associations. Its main products, such as LawPay and CPACharge, offer customized payment processing systems that help clients manage transactions securely and efficiently. These solutions streamline payment processes, improve cash flow, and enhance the client experience. AffiniPay distinguishes itself from competitors by focusing on the unique needs of professional services and ensuring compliance with industry standards, which is essential for clients handling sensitive financial information. The company's goal is to be a trusted partner for professionals by providing secure and effective payment processing solutions that meet their specific requirements.
Austin, TexasHeadquarters
2005Year Founded
GROWTH_EQUITY_VCCompany Stage
Fintech, Financial ServicesIndustries
501-1,000Employees
Risks
Increased competition from fintech startups could erode AffiniPay's market share.
Expansion into new markets may expose the company to unfamiliar regulatory challenges.
Reliance on key partnerships may pose a risk if these relationships change or dissolve.
Differentiation
AffiniPay specializes in payment solutions for professional services like legal and accounting.
The company offers industry-specific products such as LawPay and CPACharge.
AffiniPay emphasizes security and compliance, crucial for handling sensitive financial information.
Upsides
Expansion into Puerto Rico could open new markets and increase revenue streams.
Significant investment from Genstar Capital could accelerate growth and innovation.
CEO Dru Armstrong's recognition could enhance the company's reputation and attract top talent.
Related Jobs
RemoteRemoteCybersecurity TPRM & Trust Manager
MarqetaSalary not specified
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteManager, Third Party Security
CVS HealthSalary not specified
RemoteSecurity Program Manager
OpenAISalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Operations Manager
JobberSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteHead of Security
OpenSeaSalary not specified
- Full Time
- Expert & Leadership (9+ years), Senior (5 to 8 years)
RemoteDirector of Security
KoBold MetalsSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteInformation Security Compliance Analyst
BonterraSalary not specified
RemoteSecurity Architect
EarnestSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteManager, Security Engineering
GoFundMeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Vulnerability Manager
Keeper SecuritySalary not specified
RemoteSr Manager, Threat Intelligence
UltraViolet CyberSalary not specified
RemoteSenior GRC Analyst
TinesSalary not specified
- Full Time
- Senior (5 to 8 years)