Manager, IT Governance, Risk & Compliance

At LendingPoint, we believe that everyone deserves to feel the power of possibilities. As an online fintech company, we’ve created advanced consumer, small business, and merchant point-of-sale lending solutions to unlock access to affordable loans and empower those working to build their financial potential. By creating technology that sees your potential, we’re driving a better lending and borrowing experience by finding more reasons to say “yes.”

More than just a job, LendingPoint is an exciting career choice where you’ll bring your expertise and experience to a talented team focused on fostering positive new customer experiences that inspire loyalty.

Are we speaking about you?  Then keep reading.

Manage LendingPoint’s IT GRC activities and audits, providing oversight and project management of critical compliance and risk management domains. 

ESSENTIAL JOB FUNCTIONS: 

• Responsible for management of LendingPoint’s IT GRC activities and audits
• Help drive compliance and risk management engagement throughout the company
• Act as GRC Subject Matter Expert, advising business units on risk decisions and compliance requirements
• Oversight of request, collection, and quality control review of infrastructure-related third-party audit evidence
• Report and prepare presentations on the levels of risk and control effectiveness to key stakeholders such as IT, business unit management, senior management, and internal/external auditors
• Conduct risk analysis and scoring of IT risks, maintain a risk register, and aggregate risk reporting
• Act as the key audit liaison for the organization, driving compliance throughout the year, providing management updates, reviewing evidence, and interfacing directly with the organization’s third-party auditors
• Coordinate the request, collection and quality control review of all infrastructure-related evidence for auditsA
• Develop metrics and reporting to show maturity and track status

MINIMUM QUALIFICATIONS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required.

• Associate’s or Bachelor's Degree required
• PCI Internal Security Assessor (ISA) or PCI Professional (PCIP) certification preferred
• 10 years of relevant experience in IT compliance or audit  
• Proven subject-matter-expert knowledge of relevant information security domains
• Proven ability to communicate and drive solutions across all organizational levels.
• Demonstrated experience in operational planning.