GRC Security Manager - Prosper United States Bookmark Share Print 414 0 0

Listing Description

About Us
Founded in 2005 as the first peer-to-peer marketplace lending platform in the U.S., Prosper was built on a simple idea: connect people who want to borrow money with those who want to invest. Since inception, Prosper has helped more than a million people gain access to affordable credit with over $20 billion in loans originated through its platform. Our mission is to help our customers advance their financial well-being through a variety of products including personal loans, home equity lines of credit (HELOC) and credit card. Our diverse culture rewards accountability and cross functional teamwork because we believe this encourages innovative thinking and helps us deliver on our mission.  
 
We’re on a mission to hire the very best, and we are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere. It is important to us that every hire connects with our vision, mission, and core values. Join a leading fintech company that’s democratizing finance for all!  

About Our Technology Team
We are aggressively growing our Technology team to support our various financial products. The ideal candidate is passionate about learning the Fintech domain and delivering cutting-edge, high-quality solutions to solve business problems. We utilize a progressive, test-driven, Agile development methodology that places a high premium on communication, teamwork, sound design and clean implementation. 

Our Values
Diversity expands opportunities
Collaboration creates better solutions
Curiosity fuels our innovation
Integrity defines all our relationships
Excellence leads to longevity 
Simplicity guides our user experience 
Accountability at all levels drives results

COVID-19 Vaccination Policy
Prosper is continuing to grow our team during the COVID-19 pandemic, conducting fully remote hiring and onboarding processes. Our philosophy as a business is to approach the COVID-19 situation with empathy and urgency. Prosper’s top priority is the health and safety of our employees and of the communities we serve, including our customers, partners, prospects, and candidates. In accordance with this priority, along with our legal responsibility to provide and maintain a workplace that is safe and free of known hazards, we have adopted a COVID-19 Vaccination Policy which requires all of our employees to receive vaccinations, unless they have an approved accommodation.


The Role
Prosper is seeking a detail oriented, highly motivated, technology savvy and passionate security professional with a desire to support, promote and further mature the company's security GRC program.
Responsible in executing various security compliance initiatives such as risk assessments, , security and privacy control audits and 3rd party risk assessments. You will use your strong communication, analytical and troubleshooting abilities to quickly identify and report on controls from various security domains, control and/or process gaps and to identify process and technology opportunities.

Problems You Will Solve
  • Lead information security and privacy risk assessments
  • Review, audit, and monitor security compliance programs against security policies, standards, and frameworks such as PCI-DSS, NIST, SOC 2, Sarbanes-Oxley Compliance, etc.
  • Build and own a security risk register to assist in the prioritization of key risks; articulate risk in terms of business impact and suggest reasonable strategies for mitigation
  • Identify, document, and maintain security control matrix
  • Manage documentation such as security policies, standards and guidelines, process, and data flows
  • Collaborate with Engineering, Legal, and IT Ops to help drive improvements in existing processes and develop innovative and efficient solutions
  • Help gather and analyze data from several system sources for security KPIs and dashboards
  • Coordinate external audits and evidence collection related to SOC1, SOC2, PCI-DSS, etc.
  • Perform vendor security risk assessments
  • Assist in maturing partner and investor due diligence program as it relates to queries about information security
  • Build and cultivate positive working relationships with stakeholders across various teams
  • Interact in both oral and written communications with all levels of staff

    • All About You
  • B.S. degree in Management Information Systems, Computer Science, Business, or any technology related field
  • 6-8 years of risk management, internal controls, security audit, control framework/compliance, information security, and/or technology process experience
  • Very high attention to detail, high integrity, and business ethics
  • Excellent skills around troubleshooting, problem-solving, analytical thinking, and project management
  • Knowledge/Experience in security technologies such as firewalls, IDS, DLP, Vulnerability Scanners, DAM, etc.
  • Ability to work independently to achieve objectives and deliver results
  • Experience in security standards/frameworks such as PCI-DSS, NIST, SOC 2, etc.
  • CISSP, CISA, CISM, CIPP or similar security certification is ideal
  • Big 4 Consulting experience is a plus

    • What We Offer
  • The opportunity to collaborate with a team of creative, fun, and driven colleagues on products that have an immediate and significant impact on people's lives 
  • The opportunity to work in a fast-paced environment with experienced industry leaders 
  • Flexible time off, comprehensive health coverage, competitive salary, 401(k) employer match, paid parental leave 
  • Wellness benefits including access to mental health resources, virtual HIIT and yoga workouts 
  • A bevy of other perks including Udemy access, childcare assistance, pet insurance discounts, legal assistance, and additional discounts through Perkspot 
  • The ability to work remotely in the United States 
    • #LI-RG1 
    #LI-Remote

    Applicants have rights under Federal Employment Laws.

    California applicants: please click here to view our California Consumer Privacy Act (“CCPA”) Notice for Applicants, which describes your rights under the CCPA: https://www.prosper.com/plp/legal/privacy-notice-for-applicants/

    At Prosper, we're looking for people with passion, integrity, and a hunger to learn. We encourage you to apply even if your experience doesn't precisely match the job description. Your unique skill set and diverse perspective will stand out and set you apart from other candidates. Prosper thrives with people who think outside of the box and aren't afraid to challenge the status quo. We invite you to join us on our mission to advance financial well-being.

    Prosper is committed to an inclusive and diverse workplace. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical​​​ condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law, including the San Francisco Fair Chance Ordinance. Prosper will consider for employment qualified applicants who are non-US citizens and will provide green card sponsorship.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!