Head of Information Security

  • Arcadia
  • New York, NY
  • Mar 19, 2021

Job Description

Join a mashup of deep energy experts and creative tech wizards who are taking the fight to climate change. Disrupt and reimagine the energy experience using modern technologies.

Arcadia is a technology company revolutionizing the energy industry. We make choosing clean energy easy for everyone, no matter where you live or who your utility provider is. Founded in 2015, Arcadia set out with one purpose that continues to drive us today: a 100% clean energy future.

We have built an innovative and powerful set of capabilities that allow us to integrate with our members’ utility accounts across all 50 states and seamlessly provide them access to clean energy, through direct-to-consumer and B2B offerings.

What we're looking for:

We are seeking a Head of Information Security to own our information security strategy and policy. This individual will prioritize a strategic roadmap to mitigate risk against all relevant threat vectors (including application/product security and employee security), monitor the effectiveness of the security program, and interface with regulators and third parties to represent and defend Arcadia’s posture. The ideal candidate is detail- and data-obsessed, with an excitement for problem-solving and working collaboratively with others in a fast-paced, highly dynamic environment.

This role is based in Washington, D.C., or New York City, NY, though we are open to considering a remote candidate (we are all working from home at the moment) and will report directly to the Head of Engineering. Additionally, this candidate will collaborate frequently with other engineers as well as the Product, Enterprise Solutions, Legal and Regulatory, Member Experience, and Analytics & Data Science teams.

What you'll do:

  • Define and drive Arcadia’s information security roadmap, strategy, tactics, and execution
  • Lead and mentor a team of security engineers to implement a comprehensive security program
  • Architect programs and processes that evaluate and enhance Arcadia's information security policies through monitoring, remediation, reporting, and auditing
  • Partner with Arcadia’s engineering teams during scoping and execution of all roadmap deliverables to ensure that security concerns are treated as first class product requirements 
  • Respond appropriately and effectively to security-related incidents and report back to key internal and external stakeholders
  • Participate in externally requested security audits from partners
  • Lead efforts to periodically review and update information security and privacy policy best practices across the company
  • Work with a leading policy team on developing regulatory structures around utility data access and security
  • Oversee and coordinate security efforts across the company alongside Engineering, IT, HR, Product, Legal, and more
  • Stay up to date with IT/Security industry trends and evaluate new solutions & techniques
  • Launch company-wide security initiatives and training

What will help you succeed:


  • 6+ years of prior experience in information security and/or risk management, preferably at a SaaS company
  • 3+ years of management experience
  • Experience working in a fast-paced, startup environment
  • Skill with collaboration, mentoring, learning from other engineers, and treating colleagues with empathy and respect
  • Excellent verbal, written and interpersonal communication skills, including the ability to effectively communicate security and risk-related concepts to individuals with technical and non-technical backgrounds
  • Deep knowledge and application of software development and quality assurance methodologies to application and infrastructure delivery
  • Proven track record of designing, launching, and driving successful adoption of company-wide security initiatives and programs
  • Passion for our mission, sustainability, and helping drive a clean-energy future


  • Professional security management certification such as CISSP, CCISO, CISM, GIAC, and/or other CISA
  • Experience implementing SOC II and CCPA compliance
  • Familiarity with AWS (or an equivalent cloud-provider) and the related security best-practices


Eliminating carbon footprints, eliminating carbon copies.   Here at Arcadia, we cultivate diversity, celebrate individuality, and believe unique perspectives are key to our collective success in creating a clean energy future. Arcadia is committed to equal employment opportunity regardless of race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, protected veteran status, or any status protected by applicable federal, state, or local law. While we are currently unable to consider candidates who will require visa sponsorship, we welcome applications from all qualified candidates eligible to work in the United States.

Organization Type




Want us to tweet your job? Please write your organization's twitter username below (just the username, please do not add the '@')