Technology Risk Assessment Manager

Employee Applicant Privacy Notice Who we are: Shape a brighter financial future with us... Together with our members, we're changing the way people think about and interact with personal finance. We're a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we're at the forefront. We're proud to come to work every day knowing that what we do has a direct impact on people's lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world. The role: As the Technology Risk Assessment Manager, you will further support the company's second line Technology Risk Sr. Manager completing risk management activities across technology risk functions at SoFi. This role will require you to collaborate with cross-functional SME's across all lines of defense to drive technology risk decisions, innovations, and communicate them to the Technology Risk Sr Manager. Additionally, you will play a key role in ensuring SoFi meets regulatory requirements by fostering and promoting best practices in technology risk assessment through evangelizing and collaborating with cross-functional stakeholders. The ideal candidate for this role will have a deep understanding and curiosity of technology risk management and best practices, familiarity with a variety of frameworks (e.g. FFIEC, NIST, ISO, etc.), and strong understanding of technology stack leveraged in cloud environments. Strong partnership skills, excellent communication and collaboration abilities, and the ability to deliver programs that improve SoFi's overall technology risk posture will be a key to success in this role. This role is a rare opportunity to work with a growing and driven team at a fast-growing and innovative financial technology company. What you'll do: At SoFi, our ambition is to help our members achieve financial independence and reach their goals. We aim to be at the center of our members' financial lives, and to help every member get their money right. You will be a part of the second line Technology Risk Management team dedicated to driving risk management around our foundational technology which drives forward our mission to help members achieve their financial ambitions. • Help further define and lead SoFi's technology risk management vision and execution by driving risk assessments, ensuring compliance with policies and procedures, and finding solutions for various technology related initiatives • Partner with SME's across the organization to implement processes that drive down residual risk and improve the overall technology risk posture, working closely with engineering and technology operations teams to establish infrastructure and tooling that enable teams across SoFi to comply with requirements. • Provide subject matter expertise in Technology Risk and serve as a point of contact within the organization for technology risk assessment concepts • Consume technology and security standards, technology processes, and associated control requirements to support operationalization and deployment What you'll need: • 5+ years of professional and relevant experience in Technology Risk Management and Technology Risk Consulting, including exposure with a Financial Technology - Framework (FFIEC, NIST, ISO, COBIT, PCI, etc.) • Bachelors' Degrees in Computer Science, Systems Engineering, Information Technology or equivalent technical experience • 3+ years of experience in technology risk governance; handling compliance, technology risk management, and/or internal/external audits. • Strong risk assessment and process evaluation experience; developing and establishing process flows end-to-end • First-hand experience working with various technology and governance frameworks (FFIEC, NIST, ISO, COBIT, PCI, etc.) • Strong partnership capabilities and ability to build and foster strong cross-functional work relationships • Excellent communication skills (verbal, written, and visual); ability to communicate technology and security concepts to both technical and non-technical partners Nice to have: • Prior experience completing end-to-end technology risk assessments • Relevant industry certifications, for example, CISSP, CCSK, CISA; ability to drive innovation, new practices; experience interacting with regulators (Federal Reserve, OCC, CFPB) • Experience working in Google Docs, Sheets and Slides Compensation and Benefits The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate's experience, skills, and location. To view all of our comprehensive and competitive benefits, visit our Benefits at SoFi page! SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law. The Company hires the best qualified candidate for the job, without regard to protected characteristics. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. New York applicants: Notice of Employee Rights SoFi is committed to embracing diversity. As part of this commitment, SoFi offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email accommodations@sofi.com. Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time. Internal Employees If you are a current employee, do not apply here - please navigate to our Internal Job Board in Greenhouse to apply to our open roles