Listing Description
About Earnin:
Earnin is a community-supported financial platform with a suite of tools that let people take control of their financial future. Earnin started out by solving one of the greatest – and least discussed – inequities in the American financial system: the practice of employers paying workers bi-weekly. Earnin's core product, Cash Out, allows people to access the pay they've already earned. There are no loans or hidden costs. People pay what they choose. Other products include: Balance Shield, which helps prevent overdrafts, a financial calendar that helps people budget and schedule payments, and Tip Yourself - a revolutionary free social savings app.
Funding: Series C, current funding partners include Andreessen Horowitz, DST, Matrix Partners, Ribbit Capital, Felicis Ventures and March Capital.
Join us and help build a new financial system focused on fairness and people’s needs.
You can help make a difference!
Position Summary:
We are looking for a passionate trusted advisor who is excited to jump in and help in establishing security governance, risk and compliance function. Join the growing Information Security org at Earnin as a Security Risk Management Senior Analyst if you have hands-on experience in implementing technical controls and managing risk. You can make an impact on our rapidly growing product portfolio, while ensuring that we continue to adhere to risk governance frameworks and practices to achieve the required level of consistency, quality and protection to meet overall business needs.
You should have a natural sense of curiosity, a propensity for action, and a collaborative and diplomatic approach to problem solving. You must also enjoy collaboration and communication.
This is a remote position.
What You'll Do:
- Lead and drive audit readiness activities against NIST CSF, AICPA SOC 2 Type 2, PCI and SOX frameworks
- Maintain artifacts and documentation for continuous control monitoring
- Collaborate with multiple business partners to ensure compliance is maintained during implementation of various processes and technologies
- Conduct third party (vendor) risk assessments and manage the relationship with vendor through the lifecycle
- Assist in monitoring and reporting of key security metrics to monitor security program effectiveness.
- Draft, review, update policy and procedure documents to reflect current processes and directional security/privacy guidance.
- Assist with maintenance and upkeep of risk register and drive items to remediation
What We're Looking For:
- 3-5 years of security experience in relevant Security Risk Management, IT Audit, IT Compliance, etc.
- Experience implementing and maturing security programs based on PCI, SOC2, NIST 800-53, FFIEC, etc.
- Experience implementing privacy programs based on privacy regulations such as CCPA and GDPR
- Experience conducting security and risk assessments for third-party products, across banks or other financial institutions
- Experience in re/designing processes and implementing controls and technical solutions
- Familiarity with AWS a plus
- One or more industry certificates e.g. CISSP, CRISC, CISA, CISM
- Demonstrated customer-first mindset and diplomacy
- Experience working in a fast paced FinTech or HealthTech industry is highly desirable
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided