DallasRecruiter Since 2001
the smart solution for Dallas jobs

Security Risk and Compliance Program Manager

Company: Social Finance (SoFi)
Location: Frisco
Posted on: August 7, 2022

Job Description:

Who we are:

Shape a brighter financial future with us.
Together with our members, we're changing the way people think about and interact with personal finance.
We're a next-generation fintech company using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we're at the forefront. We're proud to come to work every day knowing that what we do has a direct impact on people's lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world.
About The Role
The Governance, Risk, and Compliance (GRC) team handles a wide range of cross-functional activities, from security compliance certifications and audits, to risk management, inbound and outbound due diligence, third party risk management, security awareness, policy and procedures, and more.
Each of these ongoing parallel activities entails interpreting and setting requirements, assessing the effectiveness of security controls, risk-based decision making, cross-functional collaboration and communication, and staying up-to-date on security best practices and how changes in the evolving threat landscape need to inform our strategy.
We are seeking an experienced Security Governance, Risk and Compliance Manager responsible for identifying, measuring, reporting, and treating cyber risks, both internally and externally with partners, vendors, and customers. This position will work cross functionally to establish and mature the GRC program for SoFi and its wholly owned subsidiaries. This position requires a mix of business and technical understanding to connect with various internal and external partners.

• Manage and own major GRC-focused initiatives from beginning to end with minimal supervision.
• Perform risk assessments based on industry frameworks such as NIST, ISO, FFIEC and CIS, and assess the effectiveness, scalability and reliability of security controls.
• Lead the escalation and resolution of risk and compliance issues with appropriate leadership, including business, security, privacy, legal, compliance and IT teams.
• Monitor and ensure compliance with new regulatory requirements, information system security policy and standards.
• Define and execute existing or new compliance initiatives (e.g. SOC 1, SOC 2, ISO 27001, PCI DSS).
• Metrics-driven: understands, develops and delivers meaningful dashboards and reports to a wide audience demonstrating our current program state and adherence to frameworks and standards.
• Align and mature the GRC programs of our wholly owned subsidiaries.

Minimum qualifications

• BS degree in Computer Information Systems or related field
• 7+ years of experience with security GRC initiatives
• Experience managing PCI DSS, ISO 27001, SSAE 18, or other compliance standards and framework programs
• Strong knowledge of security risk management and running audit/certification programs
• Knowledge of, or experience working with, cloud technologies/environments (AWS or other related cloud experience)
• Self-starter with strong interpersonal and communication skills
• Demonstrated ability to assimilate new knowledge quickly
• Comfortable working in a fast-paced, dynamic environment
• Spanish speaking required

Preferred qualifications

• Big 4, or management/IT consulting experience
• Relevant certification (e.g. CISA, CISSP) or equivalent expertise
• Detailed knowledge of NIST 800-53/800-37, SOC 1, SOC 2, PCI, or ISO 27001 standards, and an understanding of evaluating the design and effectiveness of IT controls, working directly with auditors on these types of assessments
• Ability to review technical reports and provide risk mitigation solutions from activities such as penetration testing, vulnerability management, and web-based application assessments
• Understanding of AWS cloud computing services/deployment architecture (IaaS, PaaS, SaaS), gained through experience operating them or through certifications
• Experience performing technical assessments and audits of networks, operating systems, and applications

Why you'll love working here:

• Competitive salary packages and bonuses
• Comprehensive medical, dental, vision and life insurance benefits
• Generous vacation and holidays
• Paid parental leave for eligible employees
• 401(k) and education on retirement planning
• Tuition reimbursement on approved programs
• Monthly contribution up to $200 to help you pay off your student loans
• Great health & well-being benefits including: telehealth parental support, subsidized gym program

*These benefits are only applicable to full-time employees.

SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.

The health and safety of our employees and their families is our top priority. Due to the ongoing nature of the COVID-19 pandemic, effective on November 1, 2021, U.S. employees must be fully vaccinated and boosted (when eligible) to work from any of our offices, travel for business or attend work-related meetings.
The company will make reasonable accommodations when possible for employees who are unable to be vaccinated because of a disability, pregnancy, sincerely held religious belief, or for other legally required reasons.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

SoFi is committed to embracing diversity. As part of this commitment, SoFi offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email
Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.
