Cybersecurity Compliance Lead, Security Compliance

Seattle, WA | Hybrid
Sorry, this job was removed at 1:39 p.m. (CST) on Wednesday, March 9, 2022

Employee Applicant Privacy Notice

Who we are:

Shape a brighter financial future with us. 

Together with our members, we’re changing the way people think about and interact with personal finance.

We’re a next-generation fintech company using innovative, mobile-first technology to help our nearly 3 million members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. 

We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world. 

About The Role
The Governance, Risk, and Compliance (GRC) team handles a wide range of cross-functional activities, from security compliance certifications and audits, to risk management, inbound and outbound due diligence, security awareness, policy and procedures, and more.

Each of these ongoing parallel activities entails interpreting and setting requirements, assessing the effectiveness of security controls, risk-based decision making, cross-functional collaboration and communication, and staying up-to-date on security best practices and how changes in the evolving threat landscape need to inform our strategy.

The Cybersecurity Compliance Lead is a hands-on and high energy program leader who can operate independently in achieving our team objectives. The team’s primary objective is to assist in overseeing the Security Compliance program enterprise wide.

The successful candidate will bring vision to the role and will have expertise in cloud technologies/environments, AWS or other related cloud experience, and testing security efficiency. The Cybersecurity Compliance Lead will quickly establish multi-functional relationships with colleagues to become a trusted resource for our Engineering, Product Delivery, TechOps, Compliance and Risk Teams, while also maintaining a hands-on role in proposing solutions/controls and crafting specifications for those teams.

Responsibilities

  • Apply a working knowledge of information security regulation and policy to articulate customer and control impact and drive alignment to SoFi’s integrated control framework
  • Partner with security engineering, architecture and application development teams to deploy preventative and detective controls against our cybersecurity policies and standards to achieve continuous compliance
  • Assess effectiveness, scalability and reliability of security controls and automate assessments in enterprise or cloud environments
  • Monitor and ensure compliance with new regulatory requirements, information system security policy and procedures
  • Manage security compliance programs and examinations while working to standardize and optimize controls and procedures across SoFi
  • Liaise with auditors, articulate control implementation and impact, and describe considerations for applying security and compliance concepts to a technical cloud environment
  • Define and execute existing or new compliance initiatives (SOC1, SOC2, ISO 27001, PCI, FedRAMP)
  • Assess and track compliance with regulatory and legal requirements relevant to the SoFi business such as GLBA, FINRA, State Cybersecurity requirements (i.e. NYDFS, Colorado Security Act, etc.) and contractual commitments
  • Maintain security diligence programs for investors, partners, and prospective partners.
  • Lead the escalation and resolution of risk and compliance issues with appropriate leadership cross functionally
  • Metrics driven, understands, develops and delivers meaningful risk-based operational metrics, dashboards and reports to a wide audience demonstrating our current program state and adherence to frameworks and standards

Minimum qualifications

  • BS degree in Computer Information Systems or related field
  • 7+ years of experience with security-related regulatory compliance for financial services
  • Strong leadership skills
  • Experience managing PCI DSS, ISO 27001, SSAE18, or other compliance standards and framework programs
  • Strong knowledge of security risk management and running audits/certification programs
  • Knowledge of, or experience working with, Cloud technologies/environments, AWS or other related cloud experience
  • Self-starter with strong interpersonal and communication skills
  • Demonstrated ability to assimilate new knowledge quickly
  • Comfortable working in a fast-paced, dynamic environment

Preferred qualifications

  • Big 4, or management/IT consulting experience
  • Relevant certification (e.g. CISA, CISSP) or equivalent expertise
  • Have a detailed knowledge of NIST 800-53/800-37, CNSSI 1253, SOC1, SOC 2, PCI, or ISO 27001 standards and understanding of evaluating the design and effectiveness of IT controls working directly with auditors for these types of assessments
  • Ability to review technical reports and provide risk mitigation solutions from activities such as Penetration Testing, Vulnerability Management, Wi-Fi testing and/or web-based application assessments
  • Understanding of AWS cloud computing services/deployment architecture (IaaS, PaaS, SaaS) through experience in operating them or obtaining certifications
  • Have experience in performing technical assessments and audits of network, operating systems, application

Why you’ll love working here:

  • Competitive salary packages and bonuses
  • Comprehensive medical, dental, vision and life insurance benefits
  • Generous vacation and holidays
  • Paid parental leave for eligible employees
  • 401(k) and education on retirement planning
  • Tuition reimbursement on approved programs
  • Monthly contribution up to $200 to help you pay off your student loans
  • Great health & well-being benefits including: telehealth parental support, subsidized gym program
  • Employer paid lunch program (except for remote employees)
  • Fully stocked kitchen (snacks and drinks)

*These benefits are only applicable to full time employees

SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.

The health and safety of our employees and their families is our top priority. Due to the ongoing nature of the COVID-19 pandemic, and because unvaccinated employees pose a direct threat to the health and safety of others in the workplace, effective on November 1, 2021, U.S. employees must be fully vaccinated to work from any of our offices, travel for business or attend work-related meetings.

The company will make reasonable accommodations when possible for employees who are unable to be vaccinated because of a disability, pregnancy, sincerely held religious belief, or for other legally required reasons.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.


Technology we use

  • Engineering
    • Languages: Golang, Java, JavaScript, Kotlin, SQL, Swift
    • Libraries: jQuery, React, Redux
    • Frameworks: Django, Node.js, Spark, Spring
    • Databases: Microsoft SQL Server, MongoDB, MySQL, PostgreSQL

An Insider's view of SoFi

What's something quirky about your company?

I was surprised by how such a quickly growing company could create such a welcoming and unifying environment for everyone. To see the company executives, especially our CEO, make themselves visible and regularly accessible while pushing this company forward. I love the regular All-Hands meetings, and I really feel as if we’re one big family here.

Sulaiman

Content Writer/Editor

What does your typical day look like?

No two days are the same, which I love! I spend most of the day working on projects that are directly connected to our company-wide priority #1, which is to create a durable culture where people love to work. Things like creating a Diversity, Equity and Inclusion site, managing our careers page, and hosting events that bring our culture to life.

Kari

Principal Talent Brand Manager

How does the company support your career growth?

SoFi is committed to creating development opportunities for our employees. Our mentorship program, GROW, seeks to inspire, empower, and elevate underrepresented employees by fostering 1:1 professional relationships with a mentor to receive real-time, active coaching, key business knowledge, and advocacy in support of their professional journey.

Ishani

Tech Recruiter and GROW Co-Founder & Lead

How do you make yourself accessible to the rest of the team?

Regular meetings with my team where each of us (including myself!) highlight our wins of the week, voice any delays or concerns, and share what is top of mind. It brings transparency onto the team, allows each of us to ask questions, and get involved if needed. It also enables us to spend our time on more strategic topics or personal development.

Yelena

Vice President, Invest

How has your career grown since starting at the company?

I've had four roles in six years at SoFi, and in each one, I’ve been able to add a new tool to my tool box. Things like how to analyze data and turn it into usable insights, and how to be an active listener. One thing that really helped me navigate my career here is my willingness to learn new things, and apply them to my job or the task at hand.

Thomas

Senior Relationship Manager, Recovery Operations

What are SoFi Perks + Benefits

SoFi Benefits Overview

We’re committed to fostering an environment where employees understand how they’re doing, where they’re going, and how to get there—with compensation programs designed to attract, retain, and reward talented people who believe in our mission.

Culture
Volunteer in local community
Launching in February 2022 we will offer employees up to 16 hours a year to volunteer for causes they are most passionate about in order to support the communities in which we live and work.
OKR operational model
Team based strategic planning
Pair programming
Open office floor plan
Flexible work schedule
SoFi offers flexible schedules for all employees, including a hybrid in-office/work-from-home environment. We also have SoFridays where we encourage employees to sign off early when they can.
Remote work program
Employees are encouraged to work with their manager to determine the best future work environment - full-time remote, hybrid, or full-time in office.
Diversity
Highly diverse management team
We have set an ambitious goal of increasing URG representation in management to 50% by 2023. As of 10/1/2021, 37.5% of our managers identify as an underrepresented group.
Mandated unconscious bias training
Required for all employees as part of our DE&I programs to educate our workforce, enable them with the tools to eliminate unconscious bias, and to ensure fairness & clarity in hiring and retention.
Diversity manifesto
Diversity employee resource groups
SoFi proudly sponsors eight employee resource groups, called Circles. These groups build high-trust relationships and foster a sense of belonging for the diverse communities represented at SoFi.
Hiring practices that promote diversity
We anchor our interview process to identified success competencies associated with each role vs informal interviewing.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
SoFi's Flexible Spending Account (FSA) lets employees pay for dependent care and eligible out-of-pocket healthcare expenses with pre-tax contributions of up to $2,750 annually.
Disability insurance
SoFi's disability insurance benefit is 60% of an employee's base salary up to a maximum of $5,000/month for short term disability, and $10,000/month for long term disability.
Dental insurance
SoFi's Delta Dental plan provides employees the flexibility to choose any dentist in‐network or out‐of‐network and still receive benefits.
Vision insurance
SoFi's vision plan provides 100% coverage for annual eye exams through VSP choice doctors, plus offers additional discounts for frames and laser vision repair.
Health insurance
SoFi employees receive comprehensive health, vision, dental, life insurance, and disability benefits—as well as flexible time off, fitness, fertility, and family planning options.
Life insurance
SoFi pays for 1 times an employee's annual salary for Basic Life and AD&D Insurance, and employees have the option to purchase additional life insurance.
Pet insurance
Employees have the choice of 2 plans with 50%, or 70% reimbursement on vet bills including accidents, illnesses and hereditary conditions up to $7,500 annually.
Wellness programs
SoFi offers a variety of benefits to support employees and their families in attaining and maintaining good health — both physically and mentally. Incl: health club discounts, therapy, and more.
Mental health benefits
SoFi partners with Modern Health, which provides support to help people reduce stress, feel more engaged, and be happier. Employees and dependents can receive up to 6 therapy sessions + other support.
Financial & Retirement
401(K)
SoFi's 401(k) retirement plan helps our employees set aside income they will need in the future.
Company equity
SoFi offers stock options through its employee profit sharing program, including vesting over a four-year period.
Performance bonus
SoFi's performance bonus plan is paid out quarterly when employees meet targets set by their direct supervisors.
Child Care & Parental Leave Benefits
Childcare benefits
Through care.com, parents have access to in-home or in-center vetted and subsidized care for their children when regular care is not available.
Generous parental leave
SoFi will provide up to 8 weeks of paid parental leave to employees following the birth of an employee’s child or the placement of a child with an employee in connection with adoption or foster care.
Family medical leave
Company sponsored family events
Vacation & Time Off Benefits
Unlimited vacation policy
Generous PTO
We offer unlimited PTO for all full-time, non-exempt employees.
Paid volunteer time
Coming soon through SoFi Gives - our new volunteer program that includes time off for employees to volunteer.
Paid holidays
Paid sick days
SoFi offers a variety of comprehensive paid sick days based on employee location and employment type.
Office Perks
Commuter benefits
SoFi's commuter benefits can help employees save money by paying for commuter expenses with pre-tax dollars up to $270 per month.
Company-sponsored outings
Before the COVID-19 pandemic we had annual holiday parties, team offsites, and more. With COVID, we have Zoom talent shows, take your parents/children to work Zoom events, and more!
Free daily meals
SoFi provides catered lunches at some locations and offers lunch cards to those employees where catered lunch is not provided in the office.
Free snacks and drinks
All SoFi offices have stocked kitchens including unlimited snacks, coffee, tea, Kombucha, and beer on tap!
Some meals provided
SoFi provides catered lunches at some locations and offers lunch cards to those employees where catered lunch is not provided in the office.
Company-sponsored happy hours
SoFi encourages employees to hang out after work!
Fitness stipend
SoFi offers employees more convenience, flexibility and gym options, thanks to our partnership with Gympass.
Professional Development Benefits
Job training & conferences
SoFi offers frequent training, mentorship opportunities, and leadership programs to develop our people. We also cover tuition costs for approved programs, up to $5,250 per year.
Tuition reimbursement
SoFi offers frequent training, mentorship opportunities, and leadership programs to develop our people. We also cover tuition costs for approved programs, up to $5,250 per year.
Lunch and learns
Each organization at SoFi offers regular lunch and learns to give employees visibility to company & industry leaders.
Promote from within
Mentorship program
SoFi's Grow Mentorship program seeks to inspire and elevate our most underrepresented employees by fostering professional development and by giving allies the chance to take action.
Continuing education stipend
We want to help our employees achieve financial freedom, just like our members. That’s why we contribute $200 per month toward your student loans to help pay down student debt,
Customized development tracks
Paid industry certifications
This perk depends on the organization, but our Engineering, Product & Design, plus Operations team offers top performers paid industry certifications to develop their careers.

Additional Perks + Benefits

Our people are our greatest differentiator - if we take care of our people, they will take care of our members. That's why we offer comprehensive, flexible benefits and perks that support their physical, mental, and emotional wellbeing so they can bring their best selves to work.
