What are the responsibilities and job description for the Vice President, IT Governance, Risk & Compliance position at LendingPoint, LLC?
At LendingPoint, we believe that everyone deserves to feel the power of possibilities. As an online fintech company, we’ve created advanced consumer, small business, and merchant point-of-sale lending solutions to unlock access to affordable loans and empower those working to build their financial potential. By creating technology that sees your potential, we’re driving a better lending and borrowing experience by finding more reasons to say “yes.”
More than just a job, LendingPoint is an exciting career choice where you’ll bring your expertise and experience to a talented team focused on fostering positive new customer experiences that inspire loyalty.
Are we speaking about you? Then keep reading.
What’s In It For You?
- Competitive Base Salary
- Excellent Benefits Package That Includes: Medical/Dental/Vision, 401(k) match, Paid Holidays, and more!
- Team-Oriented, Fast-Paced, Fun Environment
- Dedicated and experienced Management Team
- Ongoing training and investment in our employees
What You’ll Do Day to Day:
We are looking for a Vice President of IT Governance, Risk, and Compliance to mature and manage LendingPoint’s IT GRC program, providing for effective management of IT risk, while ensuring the highest level of compliance for LendingPoint’s IT services. Primary duties are focused on management of audit and compliance activities, policy development, and risk management.
ESSENTIAL JOB FUNCTIONS:
- Responsible for effective and compliant management of IT governance, risk, and compliance activities.
- Drive security best practices and ensure both regulatory and compliance requirements are met (ISO 27001, PCI, SOX, SOC 1-2-3, privacy, etc.)
- Ensure successful completion of PCI, SOC 2, and ISO 27001 certification (clients and partners will look for the latter)
- Manage external audits and auditors - schedules, scope, evidence collection, SOW negotiation, remediation, audit closure
- Manage client IT audit requests in partnership with compliance, 3rd-party risk management and Legal groups
- Ensure IT governance aligns to compliance, business, and security strategy and outcomes
- Ensure policies and standards enable business success while ensuring compliance and security requirements are met
- Establish an IT risk management framework and perform regular assessments to drive compliance and security maturity
- Develop a risk acceptance process to ensure risky changes are evaluated and approved prior to implementation
- Establish and maintain an enterprise security risk register for incorporation into executive reporting
- Develop metrics and reporting to show maturity and track status
MINIMUM QUALIFICATIONS:
- Bachelor's Degree in Information Security or a related field required, Master's degree preferred
- 4 years of related experience beyond the minimum required may be substituted for a degree
- 15 years of relevant experience in audit and compliance programs, particularly in finance and IT areas
- 5 years of experience in IT GRC program management
- 10 years of experience with relevant regulatory compliance frameworks such as ISO, SOX, SOC, PCI, etc.
- Expert knowledge of relevant business processes and regulatory compliance requirements
- Strong communication skills with proven ability to drive solutions across all organizational levels
- Strategic and operational planning experience
- Certified Information Systems Auditor (CISA) preferred