Homeoffice Security Governance Risk and Compliance Audit Analyst at Oportun
Oportun · Remote MX, Mexico · Remote
Oyster – Hire globally with Oyster. Simplify payroll and compliance.
Sponsored by OysterABOUT OPORTUN
Oportun (Nasdaq: OPRT) is a digital banking platform that puts its 2.2 million members' financial goals within reach. With intelligent borrowing and savings, Oportun empowers members with the confidence to build a better financial future. Since inception, Oportun has provided more than $17.8 billion in responsible and affordable credit, saved its members more than $2.3 billion in interest and fees, and helped our members save an average of more than $1,800 annually. For more information, visit Oportun.com.
WORKING AT OPORTUN
Working at Oportun means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization's performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups.
We are seeking a Security GRC Analyst with a focus on compliance. supply chain or third-party risk management to join the team. The Security Analyst will assist in managing third party risk in accordance with the Third-Party Risk Management Policy and Third-Party Security Standard, primarily in identification and analysis of risks and proposing risk treatments appropriate to the risk severity and overarching business objectives.
RESPONSIBILITIES
- Assist in developing and maintaining a catalog of controls including evidence of those controls at work.
- Corresponding with diverse stakeholders.
- Evaluating alignment of internal policies, standards, and procedures to relevant frameworks and industry standards.
- Evaluating alignment of business practices with documented policies, standards, and procedures.
- Assist with enterprise gap assessment including documenting context-specific risk-based analysis.
- Writing assessment reports containing risk-based and context-specific evaluations.
- Other duties as assigned
REQUIREMENTS
Security Analyst must have the following knowledge, skills and abilities:
- Fluent in English
- Excellent organization skills and high attention to detail
- Excellent communication skills (verbal and written)
- Excellent analytical skills
- Proficient with common productivity and collaboration software
- Experience with security, compliance, and reporting frameworks (NIST CSF, CIS Critical Security Controls, ISO 27001, AICPA/SOC, PCI-DSS, FTC, SOX,)
- Experience with cross-mapping controls between different compliance and security frameworks
- Experience in responding to audit and due diligence requests from independent auditors and business partners
- Experience with common GRC solution(s)
- Ability to adapt to a fast-paced high-volume environment
- High attention to detail and strong organizational skills
- Willingness and ability to learn new skills and methodologies
ADDITIONAL REQUERIMENTS
- Bachelor’s Degree in related field
- 3-5 combined years of experience in Audit and/or Security Governance, Risk, and Compliance
- Security or Technology Audit industry certification
#LI-REMOTE
#LI-GK1
We are proud to be an Equal Opportunity Employer and consider all qualified applicants for employment opportunities without regard to race, age, color, religion, gender, national origin, disability, sexual orientation, veteran status or any other category protected by the laws or regulations in the locations where we operate.
California applicants can find a copy of Oportun's CCPA Notice here: https://oportun.com/privacy/california-privacy-notice/.
We will never request personal identifiable information (bank, credit card, etc.) before you are hired. We do not charge you for pre-employment fees such as background checks, training, or equipment. If you think you have been a victim of fraud by someone posing as us, please report your experience to the FBI’s Internet Crime Complaint Center (IC3).
