Remote - Cybersecurity Lead

World Business Lenders, LLC•New York, NY

11h•Remote

About The Position

At World Business Lenders (WBL), we offer flexible, short-term commercial loans secured by real estate, catering to a diverse clientele of small and medium-sized enterprises across the United States that often face challenges in accessing traditional financing. This is a Contract/Consultant position. Typical working hours are 9:00 am-6:00 pm Eastern Standard Time, Monday through Friday, though expect some flexibility depending on operational needs. Applicants must demonstrate a strong command of the English language, both verbally and in writing. We would love to see your CV, so please send it to us in English! Role Overview The Cybersecurity Lead will be the company's pioneering cybersecurity expert, tasked with establishing vital security capabilities, ensuring regulatory compliance, and enhancing the overall security framework. This role uniquely blends hands-on technical execution with leadership in program management, fostering effective risk mitigation across the company's Microsoft 365, Azure, and SaaS platforms. Role Purpose Initially, you will focus on performing a thorough cyber risk assessment, collaborating with infrastructure and development teams to set up monitoring and incident response processes, while steering the company towards SOC 1 and SOC 2 compliance readiness. As the role evolves, there is an exciting opportunity to expand into leading a small internal cybersecurity team.

Requirements

A Bachelor's degree in Information Security, Cyber Security, Computer Science, or a closely related field, or a comparable level of professional experience, is required.
4 to 7 years of experience in cybersecurity or IT risk, ideally with a strong background in hands-on implementation of security controls.
Having a background in cybersecurity within the financial sector would be a fantastic fit.
Solid grasp of security features in Microsoft 365 and Azure environments, such as Conditional Access, Defender, and Sentinel.
Experience in supporting SOC 1 / SOC 2 readiness assessments or audits is highly valued.
A strong understanding of SaaS and low-code platforms like Quickbase and HubSpot is essential.
Proficiency in recognizing cyber risks and protecting MS 365, Azure, low-code environments (especially Quickbase and Hubspot), as well as custom web applications developed in Python.
Great English communication skills, both written and spoken; capable of making technical and process concepts easy to understand for everyone, whether they're technical experts or not.
Great team player with strong collaborative skills; enjoys working with people across different departments and building agreement among a variety of stakeholders.
Detail-oriented with a strong dedication to accuracy, thoroughness, and consistency in all documentation and analysis.
Skilled at juggling multiple priorities, adapting to shifting requirements, and staying focused even in high-pressure situations.
A genuine curiosity about how systems and processes function; takes the initiative to investigate root causes and spot opportunities for improvement.

Responsibilities

Successfully complete a thorough cybersecurity risk assessment, complete with a prioritized response plan.
Achieve SOC 1 and SOC 2 readiness by implementing essential controls and gathering necessary evidence.
Foster productive collaboration with our Managed Service Provider (MSP) for ongoing monitoring and incident response.
Launch the first organization-wide cybersecurity awareness initiative.
Show documented improvements in our security posture and a noticeable decrease in key risk indicators.