Director, Information Security (FinTech)

Founded in 2010, Mosaic is a rapidly growing provider of consumer lending solutions for the home energy market. Currently the largest residential solar lender by volume nationally, Mosaic is expanding into new verticals in 2016 — efficiency (HVAC, windows, lighting), batteries and home automation.  Centrally located in beautiful downtown Oakland, Mosaic is rapidly growing and we are looking for top talent to take us to the next level.

We are actively sourcing for an experienced Director of Information Security to join our IT team and lead the Information Security function for the organization. This is a key position reporting to the COO and you will utilize your expertise to provide strategic and tactical expertise in all facets of data security for Mosaic.  In this exciting role, you will partner regularly with corporate IT, DevOps and additional business teams across the organization to ensure that security policies and standards, processes and controls, and security solutions are in place and functioning at their optimal level.


 Key Responsibilities

  • In addition to a strong technical background, the ideal candidate will have hands on experience with security best practices, business processes, project management, performing security operations and managing security resources
  • Assist Corp IT, DevOps and Engineering teams in integrating security into the company’s application development and business processes
  • Manage the security incident response process for the company; develop training for key stakeholders, employees, contractors, and third parties working with customer PII and company's intellectual property to ensure policies are adhered to
  • Deploy and manage scanning/penetration testing procedures
  • Perform security assessments of in-house applications/systems and vendors’ software
  • Manage security problem tickets; log and monitor security events
  • Monitor the security health of company’s infrastructure (IDS/IPS, firewalls, servers, clients, applications, databases, spam tools, spyware tools, computer forensics tools, integrity checking tools, encryption key management tools, etc.)
  • Collaborate with corporate IT and DevOps to install security solutions
  • Review information security trends and news sources for emerging threats and vulnerabilities and continually update IT and other business units on any vulnerabilities applicable to the company
  • Review systems audits, network, and devices to identify vulnerabilities, audit findings, and compliance issues
  • Manage information security diligence of vendors and partners
  • As chair of the company’s Information Security committee, you will regularly keep CEO and Board members informed of committee proceedings


 Key Skills

  • Bachelor's degree or equivalent experience in Computer Science, Business Management, or MIS
  • Certified training in security management, risk and compliance solutions and practices i.e CISSP, GCIH, CISA, CISM, GSEC, CRISC, or related certification(s) (e.g., ethical hacking certs)
  • 10+ years’ IT and security experience including at least 2-3 years in a SOC-1 certified environment
  • Governance, regulatory or controls experience, in particular PCI and GLBA
  • Well versed in performing vulnerability security assessments using a variety of security scanners, developing security policies, standards, and procedures, and preparing technical and management finding/remediation reports
  • Hands-on experience and knowledge in the areas of logging, monitoring, alert management, and incident handling
  • Ability to work in a matrix environment where collaboration across the organization is essential to implementing a sustainable security program for the company
  • Excellent communication (written and oral) and interpersonal skills
  • Strong analytical skills, problem solving skills, and project management skills



Meet Some of Mosaic's Employees

Ajay D.

Marketing Project Manager

Ajay works on Mosaic’s Marketing Team. He facilitates collaborative projects involving multiple teams and helps produce the marketing content that different teams need.

Veronica A.

Assistant General Counsel

As Mosaic’s Assistant General Counsel, Veronica oversees the legal and regulatory compliance of company operations. She also drafts and negotiates contracts for every aspect of Mosaic’s business dealings.

Back to top