4h ago

Information Security Program Manager - Governance, Risk, & Compliance (GRC)

United States

$140k-$180k / year est.

mid, Remote, Fintech (AI lending)

💼 About This Role

You'll own and execute GRC programs that protect customer trust and enable secure business growth. You'll act as a trusted partner translating audit, risk, and compliance requirements into practical guidance. This role offers the opportunity to drive process improvement and automation in a digital-first environment.

🎯 What You'll Do

  • Coordinate SOX IT and SOC 2 audits across engineering and business teams.
  • Manage security due diligence requests from prospective and existing partners.
  • Own information security policy management and awareness initiatives.
  • Execute third-party risk assessments and track remediation actions.

📋 Requirements

  • 5+ years in information security, GRC, or IT audit.
  • Experience operating GRC programs in a regulated tech or financial services environment.
  • Working knowledge of SOC 2, NIST CSF, or NYDFS frameworks.
  • Ability to design metrics and KRIs for diverse stakeholders.

✨ Nice to Have

  • Experience in cloud-native environments (AWS preferred).
  • Relevant certifications (CISSP, CISA, CRISC, CISM).
  • Scripting or coding skills to automate workflows.

🎁 Benefits & Perks

  • 🏖️ Flexible remote work within the US with a digital-first culture.
  • 💰 Target bonuses and equity compensation included in total package.
  • 📈 Career development through exposure to a cutting-edge AI lending platform.
  • 🌐 In-person onsites 1-2 times per quarter for team collaboration.
  • 🏢 Office hubs in San Mateo, Columbus, Austin, and NYC.