Envestnet

About the Company

Envestnet is the Adaptive WealthTech company that helps advisors meet the moment with its comprehensive technology, insights, solutions, and industry-leading support. This empowers advisors to make smart decisions throughout every step of a client's financial life. Backed by 25 years of experience and $7.0 trillion in platform assets, Envestnet is trusted by over a third of all financial advisors across many leading banks, wealth managers, brokerages, and RIAs. For a deeper dive into how Envestnet is shaping the future of financial advice, visit www.envestnet.com. Envestnet refers to the family of operating subsidiaries of the holding company, Envestnet, Inc. Stay connected with us for the latest updates and insights on LinkedIn and X (@Envestnet_). Social Media Disclosure: www.envestnet.com/social-media-disclosure Privacy Policy: https://www.envestnet.com/privacy

Listed Jobs

Company Name

Envestnet

Job Title

Information Security Risk Management Director

Job Description

**Job Title** Information Security Risk Management Director **Role Summary** Lead the organization’s information security risk management program, delivering comprehensive risk assessments, control validation, and risk communication to align security initiatives with business objectives. Drive improvements in risk orchestration, insider threat capabilities, and risk reporting while ensuring compliance with NIST frameworks and financial regulatory requirements. **Expectations** - Direct a cross‑functional risk team and maintain program cadence. - Deliver clear, quantified risk insights to technical and non‑technical stakeholders. - Update risk processes to reflect NIST CSF 2.0, NIST RMP, and NIST AI Risk Frameworks. - Ensure timely remediation coordination with engineering, operations, and compliance. **Key Responsibilities** - Conduct threat and vulnerability risk assessments across information assets, infrastructure, and applications. - Manage risk documentation, evidence, and remediation workflows in Archer GRC. - Validate control effectiveness against NIST‑based policies and industry best practices. - Design and execute insider threat program enhancements and threat‑driven scenario development. - Develop risk metrics, dashboards, and performance indicators for senior management. - Produce regular risk reports, presentations, and updates to the Information Security leadership. - Lead risk‑orchestration initiatives to extend coverage across products and services. **Required Skills** - Deep knowledge of NIST Cybersecurity Framework, NIST Risk Management Framework, and NIST AI Risk Framework. - Expertise in security risk assessment, control validation, threat modeling, and risk quantification. - Proficiency with Archer GRC or comparable GRC platforms. - Strong analytical, documentation, and communication skills; ability to translate technical risks for business audiences. - Experience managing cross‑functional risk teams and driving process improvements. - Knowledge of financial services regulatory landscape (e.g., GDPR, PCI‑DSS, SOX, FFIEC). **Required Education & Certifications** - Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or related field (Master’s preferred). - Security certifications: CISSP, CISM, CRISC, or equivalent; NIST-related certifications advantageous. ---

Berwyn, United states

Hybrid

14-09-2025

Company Name

Envestnet

Job Title

Security Analyst

Job Description

Job title: Security Analyst Role Summary: Proactive Security Analyst responsible for monitoring, detecting, and responding to security incidents within a Security Operations Center (SOC). Performs vulnerability assessments, threat hunting, and automation of incident response. Supports continuous improvement of SOC processes, runbooks, and incident playbooks while collaborating with IT, development, and offensive security teams. Expectations: - Act as first responder to all security alerts, managing the full incident response lifecycle. - Conduct routine vulnerability scans, prioritize findings, and coordinate remediation. - Automate triage and response tasks using SOAR tools and participate in threat hunting and purple teaming exercises. - Maintain accurate and up‑to‑date SOC documentation and contribute to process enhancements. - Communicate findings and recommendations clearly to technical and non‑technical stakeholders. Key Responsibilities: 1. Monitor SIEM, EDR, IDS/IPS, and other security tools for alerts. 2. Triage and analyze security incidents; escale to senior staff as needed. 3. Lead incident response phases: detection, analysis, containment, eradication, recovery, and post‑incident review. 4. Execute vulnerability scanning (network, application, system) and collaborate with IT/development for patching. 5. Document incident details, remediation steps, and configuration changes. 6. Update and refine SOC runbooks, playbooks, and security documentation. 7. Perform proactive threat hunting and automation of response workflows. 8. Engage in purple‑team exercises with offensive security using BAS. 9. Support security awareness training and policy compliance. Required Skills: - 4+ years of cybersecurity experience in SOC, incident response, or vulnerability management. - Proficiency with SIEM platforms, EDR solutions, IDS/IPS, and vulnerability scanners. - Knowledge of network protocols, operating systems (Windows, Linux), and attack vectors. - Strong analytical, problem‑solving, and attention‑to‑detail abilities. - Excellent written and verbal communication. - Team player with ability to work independently. - Adaptability to emerging technologies and threat landscapes. Required Education & Certifications: - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent practical experience). - Certifications preferred: CompTIA Security+, CySA+, or EC-Council CEH.

Berwyn, United states

Hybrid

Junior

01-10-2025