Sr. Manager, Governance, Risk and Compliance
Prosper Marketplace
This job is no longer accepting applications
See open jobs at Prosper Marketplace.See open jobs similar to "Sr. Manager, Governance, Risk and Compliance" Francisco Partners.Legal
San Francisco, CA, USA
Posted on Wednesday, April 3, 2024
The Role
We are seeking a GRC Senior Manager to play a key role in the oversight and coordination of security and compliance-related functions. This individual will interface with all departments and must exhibit an ability to work cross-functionally. Above all other factors, we are looking for smart, driven candidates who want to be part of a culture of innovation and creativity as we develop and define the peer-to-peer lending market.
If you are a passionate GRC professional who is interested in driving our GRC practice, please read on!
Problems You Will Solve
- Develop Prosper’s GRC strategy and manage the day-to-day governance activities related to risk, control, and compliance management
- Establish KPIs and metrics to demonstrate effectiveness of the GRC program and report risk
- Lead the PCI-DSS compliance assessment (readiness along with the external attestation)
- Own the Risk Management Program, planning and coordinating the execution of risk assessments (NIST CSF, CIS), monitoring of emerging risks, and maintenance of the risk register
- Lead cross-functionally to maintain compliance certifications such as SOC1/SOC2 Type II, and other external IT audits
- Drive remediation of process and control deficiencies and improvements identified internally and externally
- Lead third-party cyber risk assessment/re-assessment tasks; overall responsible for vendor cybersecurity reviews
- Lead the Security Awareness Program (routine phishing simulation campaigns, security awareness trainings, newsletters, etc.)
- Take ownership of documentation processes; assist with the development and maintenance of policies, guidelines, standards, and processes
- Interface with both technical (Engineering, Technical Operations) and non technical (HR, Legal, Compliance) teams
- Build and automate processes to simplify and maintain continuous compliance over the technology environment
- Communicate, develop, and foster strong, collaborative relationships with stakeholders across all levels of the organization
- Assist with responding to privacy and security compliance requests from regulators, partners, and vendors
- Lead a team of senior GRC analysts
- Support the preparation of regular and ad-hoc risk reports for ERM governance, boards, and other relevant stakeholders
All About You
- 4+ years of direct management experience
- 10+ years of progressive and demonstrated expertise in IT compliance and risk management (PCI-DSS, SOC 1/2, NIST CSF, etc.)
- Excellent written, verbal communication skills. Ability to tailor communication style to audience at hand
- Experience with cloud environments
- Excellent project management and process improvement skills
- Ability to effectively work with technical and non-technical resources
- Self-directed, works with minimal guidance, and recognizes when guidance needed
- Experience with CCPA preferred
- CISSP, CISA, or CRISC (or similar) certifications preferred
#LI-SK1
This job is no longer accepting applications
See open jobs at Prosper Marketplace.See open jobs similar to "Sr. Manager, Governance, Risk and Compliance" Francisco Partners.