Senior Manager, Information Security

Who We Are 

Arcadia is the technology company empowering energy innovators and consumers to fight the climate crisis. Our software and APIs are revolutionizing an industry held back by outdated systems and institutions by creating unprecedented access to the data and clean energy needed to make a decarbonized energy grid possible.

In 2014, Arcadia set out on its mission to break the fossil fuel monopoly and since then we have been knocking down the institutional barriers to unlock decarbonization.  To date, we have connected hundreds of thousands of consumers and small businesses with high-quality clean energy options. Fast forward to today, and now, we’re thinking even bigger.  We have launched Arc, an industry-defining SaaS platform that empowers developers and energy innovators to deliver their own custom, personalized energy experiences, accelerating the transformation of the industry from an analog energy system into a digitized information network.

Tackling one of the world’s biggest challenges requires out-of-the-box thinking & diverse perspectives. We’re building a team of individuals from different backgrounds, industries, & educational experiences. If you share our passion for ushering in the era of the clean electron, we look forward to learning what you would uniquely bring to Arcadia!

What we’re looking for:

We are seeking a relationship-oriented Sr Manager of Governance, Risk, and Compliance (GRC) to join the InfoSec team. This individual will lead security functions related to governance, compliance, risk management, and customer/prospect security due diligence across Arcadia’s multi-faceted product portfolio. The ideal candidate is an experienced leader that is eager to collaborate across the entire company, prioritizes organization, is experienced in the GRC or related domains, a champion for inclusive culture, and well-aligned with Arcadia’s values and mission of innovating with energy utility data. 

Arcadia is open to fully remote candidates who are based in the US and employees have access to co-working spaces.

#LI-REMOTE

What you'll do:

• Ensure Arcadia’s successful annual delivery of SOC 2 Type 2 reports along with any additional security-related industrial or regulatory compliance frameworks we adopt in the future (e.g., ISO 27001).
• Work closely with Arcadia’s Commercial and Legal teams to serve as an InfoSec contact for enterprise customer/prospect due diligence and contract negotiations.
• Develop, coordinate, and drive strategies to advance Arcadia’s risk management maturity, including risk assessments, tracking risks, issues/exceptions/remediation management, and third-party risk management.
• Oversee the strategic improvement and operation of the following processes: identity and access governance, policy management, disaster recovery, business continuity, physical security, personnel security, and employee security awareness.
• Lead and support a small but experienced and impactful global GRC team.

What will help you succeed:

Must-haves:

• Four years of experience leading InfoSec or Engineering teams.
• Four years of experience with AWS services and architectures.
• Experience with industrial or regulatory frameworks such as SOC 2, ISO 27001, GDPR, and NIST CSF.
• InfoSec GRC experience or material insights.
• A human-centric orientation to security challenges and solutions. 
• Experience delivering results on projects that cross organizational boundaries and diverse stakeholder interests.
• A commitment to transparency and documentation.
• Familiarity with workforce IT operations and challenges.

Nice-to-haves:

• Operational experience maintaining, optimizing, and governing processes or systems across multiple years.
• A pragmatic and iterative approach to continuous improvement.
• An ability to deftly pivot between detail orientation and strategic analysis.
• Enthusiasm to satisfy industrial norms but also seek non-traditional solutions.
• Experience managing incident response or other similar urgent and highly visible efforts. 

Benefits:

• "Remote first" culture - work anywhere in the US as long as you have a reliable internet connection
• Flexible PTO - no accrued hours and no limit on the number of vacation days exempt employees can take each year
• 17 annual company-wide holidays including a week-long "summer break"
• 10 days sick leave
• Up to 4 weeks bereavement leave
• 2 volunteer days off
• 2 professional development days off
• 12 weeks paid parental leave for all parents
• 80-95% employer cost coverage for medical, dental, and vision benefits for employees and dependents
• A supportive engineering culture that values diversity, empathy, teamwork, trust, and efficiency.

Eliminating carbon footprints, eliminating carbon copies.

Here at Arcadia, we cultivate diversity, celebrate individuality, and believe unique perspectives are key to our collective success in creating a clean energy future. Arcadia is committed to equal employment opportunities regardless of race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, protected veteran status, or any status protected by applicable federal, state, or local law. We are proud to offer visa sponsorship opportunities for qualified candidates interested in joining our team.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Target Annual Compensation Range for this role will be $180,000 to $220,000. There will also be a competitive benefits and equity (bonus if applicable) component to the package. The exact compensation at which this job is filled will be determined by the skills, experience, and location of the qualified candidate.