At Lendbuzz, we believe financial opportunity should be more personalized and fair. We develop innovative technologies that provide underserved and overlooked borrowers with better access to credit. From our employees to our dealers, partners, and borrowers, we’ve built a company and a culture around a resolute belief in the promise and power of diversity. We value independent and critical thinking.
We are seeking a dedicated Security GRC (Governance, Risk, and Compliance) Specialist to join our security team. The ideal candidate will play a critical role in managing our organization's security governance, risk management, BCP, and compliance efforts. This role involves implementing and maintaining security frameworks, managing security risks, ensuring compliance with relevant standards, and promoting security awareness across the organization.
Key Responsibilities:
- Develop and implement security policies, procedures, and standards in line with industry best practices
- Ensure security governance processes align with organizational goals and regulatory requirements
- Lead the development, implementation, and maintenance of the organization's Business Continuity Planning (BCP) to ensure operational resilience during disruptions, while coordinating with key stakeholders for risk assessments and recovery strategies
- Identify, assess, and manage security risks across the organization
- Develop and maintain a comprehensive risk management program, including risk registers and mitigation plans
- Manage the third-party security risk management program, including conducting vendor assessments and ongoing monitoring.
- Work with cross-functional teams to ensure that risks are effectively managed and mitigated
- Ensure the organization complies with relevant security standards and frameworks, such as SOC 2, ISO 27001, NIST, etc
- Lead efforts to achieve and maintain necessary security certifications
- Provide support during internal and external audits, including preparing necessary documentation and coordinating with auditors
- Address audit findings and implement corrective actions to improve security posture
- Design and implement security awareness programs to educate employees on security best practices
- Conduct regular training sessions and awareness campaigns to promote a security-conscious culture
Qualifications:
- 3+ years of experience in a GRC role, with a focus on security governance, risk management, and compliance
- Strong knowledge of security frameworks and standards such as SOC 2, ISO 27001, NIST, and others
- Experience with security audit processes and supporting external audits
- Experience in Business Continuity Planning (BCP) or Disaster Recovery (DR) strategies, including risk assessments, business impact analysis, and continuity plan development across diverse organizational functions
- Excellent communication skills, with the ability to effectively convey complex security concepts
- Relevant certifications (e.g., CISSP, CISM, CRISC, CISA) are highly desirable
- Strong analytical and problem-solving skills
- Ability to work independently and prioritize multiple tasks
- Attention to detail and a proactive approach to identifying and mitigating risks
- Excellent organizational skills and ability to manage complex projects
- Strong interpersonal skills and the ability to collaborate across teams
What we offer:
- A culture that values product ownership, collaborative architectural planning, and building wins for your resume/portfolio as much as for the company.
- Smart, dynamic people with whom you can share the experience of building something unique.
- Competitive salary with opportunities for growth and advancement.
What We Do
Lendbuzz is an AI-based auto finance platform that helps consumers with thin or no credit history obtain financing when purchasing a car. Powered by machine learning and proprietary algorithms, Lendbuzz can assess the creditworthiness of consumers with limited credit history—a group underserved by traditional banks. Through their auto dealership partners, Lendbuzz offers consumers attractive financing solutions while opening up opportunities for those dealerships to serve a more diversified client base. Lendbuzz is headquartered in Boston, Massachusetts and was founded in 2015.