IT Governance, Risk & Compliance Analyst at Onbe (Remote)

Sorry, this job was removed at 9:41 a.m. (CST) on Sunday, May 1, 2022
Onbe, a fast-growing FinTech, bringing innovation to a rapidly growing global marketplace, stands for "on behalf." Because that's exactly how we work: on behalf of our clients, as their comprehensive payments partner. We transform the way payments are imagined - as an opportunity for innovation, a source of insight to customers, and a way to connect with partners around the globe!
Summary: The IT Governance, Risk, and Compliance Analyst will build, coordinate, and articulate summarized risk findings that are clear and useful to business partners, reduce risk by helping to prioritize and drive remediation efforts throughout the organization, and contribute to risk management, treatment, and reporting process efforts to protect data assets. The analyst will help prepare for and facilitate assessments and examinations by qualified security assessors. The analyst will perform third-party supplier security assessments, as well as facilitate and coordinate responses for customer due diligence questionnaires.
Responsibilities:
  • Perform information security risk assessments and risk management activities across the organization.
  • Establish and maintain risk criteria, identify, analyze, and evaluate information security risks.
  • Ensure that repeated information security risk assessments produce consistent, valid, and comparable results.
  • Maintain repository of documented information about the information security risk assessment process.
  • Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities and risks.
  • Perform selection of appropriate information security risk treatment options as a result of risk assessment results, determine all controls that are vital to implement the information security risk treatment options, compare controls and verify that no vital controls have been omitted, acquire risk owner's approval of the risk treatment plan and acceptance of residual information security risks.
  • Assist with the evaluation of the effectiveness of information security management and performance by developing, monitoring, gathering, and analyzing information security and compliance metrics for management.
  • Develop and implement a risk reporting framework for management teams and governance committees.
  • Design and document IT general controls to ensure the business demonstrates compliance with its regulatory or compliance obligations.
  • Facilitate and coordinate activities and responses related to internal and external control testing including entitlement reviews.
  • Facilitate the remediation of control gaps and raise critical issues to management.
  • Work closely with control owners, internal and external auditors to ensure requests are completed for timely delivery to audit.
  • Assist with third-party audits and certifications for the organization (e.g. SOC, ISO, PCI).
  • Assist with responding to customer information security requirements and due diligence questionnaires.
  • Coordinate and facilitate response gathering in conjunction with other organizational application, support, infrastructure, legal, HR, and physical security teams.
  • Maintain repository of customer information security requirements, track, and report on compliance.
  • Research, recommend, and contribute to information security policies, standards, and procedures, and work with other organizational participants from legal, human resources, information technology, compliance, physical security, the business units, and others that have to implement the policies.
  • Assist with the lifecycle management of information security's policy and supporting documents.

Qualifications:
  • 5+ years of IT governance, risk, and/or compliance experience
  • Knowledge of identity and access management (IAM) principles
  • Experience with modern GRC tooling
  • Experience reporting risk within a global enterprise, developing a culture of risk informed decision making
  • Experience with risk assessments and compliance of major regulatory initiatives (e.g. SOX, PCI-DSS)
  • Experience with cyber security and information security program management and frameworks (e.g. NIST CSF, ISO/IEC 27000, etc.)
  • Exposure to and familiarity with relevant standards such as ISO/IEC 27000 family - Information Security Management Systems, NIST Cybersecurity Framework, NIST 800, and applicable laws related to regulatory compliance, information security and privacy (e.g. SOX, HIPAA, GDPR, PCI-DSS)
  • Knowledge of information security risk management and IT controls frameworks and methodologies (e.g. ISO/IEC 27005, COBIT, OCTAVE)
  • Knowledge of Risk Management Principles (risk avoidance, transfer, mitigation, acceptance), Risk Assessment process
  • Knowledge of Standardized Information Gathering (SIG) Questionnaire

This position can be office based, hybrid or fully remote in the continental United States. Onbe's employee base is mostly clustered in the Eastern and Central time zones, with offices in suburban Philadelphia and suburban Chicago.
At Onbe, a diverse group of people, ideas, and perspectives are key to achieving phenomenal things. For over 25 years, our focus has remained on building a culture of openness and ingenuity, where employees come together to innovate and build disbursement solutions that make the lives of our clients and their consumers and workforces easier and better. Our definition of success includes celebrating differences and affirming belonging. To that end, we ask employees to come to Onbe as they are and contribute their diverse perspectives, identities, and experiences.
We believe that the recruiting phase is only the very beginning of diversity and inclusion. At Onbe, we're constantly evolving the way we celebrate diversity every day and in everything we do. With several internal committees that are dedicated to mental and physical wellness, diversity, inclusion, and community outreach, we are committed to making a culture that is inclusive to all.
Onbe is proud to be an equal opportunity employer. We seek out ways to create a mindful workforce that embraces diversity and celebrates a culture of inclusion. We do not discriminate against employees or job applicants on the basis of race, color, ancestry, national origin, sex (including pregnancy), gender identity, sexual orientation, marital or family status, religion, age, disability, genetic information or military service. Our equal opportunity policy applies to all decisions of employment including hiring, placement, promotion or advancement, termination, layoff, recall, transfer, compensation, training and leaves of absence.
Featured benefits
Employer-provided
Medical insurance, dental insurance, vision insurance, 401(k), paid maternity leave, and paid paternity leave

Technology we use

    • .NET (Languages)
    • C# (Languages)
    • Javascript (Languages)
    • Sql (Languages)
    • Azure (Languages)
    • jQuery (Libraries)
    • PowerApps (Libraries)
    • AngularJS (Frameworks)
    • ASP.NET (Frameworks)
    • EntityFramework (Frameworks)
    • Azure Kubernetes Services (Frameworks)
    • Pact (Frameworks)
    • Dapr (Frameworks)
    • SQL (Databases)
    • Cosmos DB (Databases)
    • Google Analytics (Analytics)
    • Mixpanel (Analytics)
    • PowerBI (Analytics)
    • Illustrator (Design)
    • Miro (Design)
    • Photoshop (Design)
    • JIRA (Management)
    • Microsoft Project (Management)
    • Smartsheet (Management)
    • Wrike (Management)
    • Microsoft Dynamics (CRM)
    • Salesforce (CRM)

An Insider's view of Onbe

What’s the vibe like in the office?

The vibe here at Onbe is really quite special. It's a great feeling to be around my colleagues in an atmosphere that energizes and motivates me to solve challenges and collaborate in a team. Remote working is flexible and highly supported by leadership given all the tools and resources we have to do our best work, regardless of location.

Emmanuel

Senior Engineer, Security

How do you collaborate with other teams in the company?

Having transitioned to a remote working structure, Onbe has mastered the art of collaboration. No matter the team, time zone or location, everyone at Onbe is willing to jump on board and help with projects. No matter who I am working with, my voice and ideas are not only welcomed, but they are celebrated.

Vasi

Brand Marketing Manager

How has your career grown since starting at the company?

I joined the company to start the Data & Analytics practice, and we were only two Engineers assigned to this effort. As the company is growing, our role is becoming central to the overall strategy and that is translated in the growth of the team as well as my own development as a strategic leader.

Patrick

Vice President, Data

How do you empower your team to be more creative?

We challenge each other to think critically about when to standardize vs when to innovate. Especially as our organization grows, we look to streamline and automate the repeatable and free ourselves up for discovery, problem solving and creative thought. As a company, we prioritize time and resources for learning and personal development experiences.

Tracy

SVP, Product

How would you describe the company’s work-life balance?

Since starting at Onbe, something that was made clear to me was the importance of family and work life balance. Family and our own health always comes first and our peers always help us accommodate for when something does come up. Everyone is always understanding that we have a life outside of work and everyone always offers to help out if needed.

Elana

Scrum Master

What are Onbe Perks + Benefits

Onbe Benefits Overview

Onbe wants to support you choosing where you do your best work. No set number of days in the office – work where you are most productive (for some that’s 5 days at home, for some that’s 5 days at the office, or anywhere in between).

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Unconscious bias training
Diversity manifesto
Diversity Employee Resource Groups
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Pet Insurance Discount Offered through Wishbone
Wellness Programs
Onsite Gym
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
4% match – dollar for dollar match on the 1st 4% of contributions
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Onbe offers 15 weeks of 100% covered maternity leave and 4 weeks of 100% covered paternity leave.
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Unlimited PTO includes sick time, volunteer time and vacation time. Each employee is required to take a minimum of 15 days per year!
Paid Volunteer Time
Paid Holidays
Perks & Discounts
Casual Dress
Company Outings
Game Room
Some Meals Provided
Happy Hours
Recreational Clubs
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Continuing Education stipend
Time allotted for learning
Online course subscriptions available
Customized development tracks
Paid industry certifications

Additional Perks + Benefits

Additional Benefits include: “Pencils down Summer Fridays” - No internal Teams meetings Memorial through Labor Day on Fridays
