Sr Analyst, Technology Risk at Lending Club
San Francisco, CA, US
  • Assist with developing and maturing the Technology Risk program.
  • Conduct qualitative and quantitative risk assessments of Information Technology, Information Security, Third Party Vendor, and other relevant company technology risks, recommend mitigation strategies, and work with internal partners to assign monitoring responsibility.
  • Help align risk activities to common frameworks, such as FFIEC and ISO.
  • Assist in developing a technology control assurance program, including creation of methodology, communication to stakeholders, creating a risk-based plan and schedule, and performing testing activities.
  • Perform technology and security control testing based on schedule and methodology.
  • Identify and effectively communicate any findings identified in control assurance work and provide consultative feedback on possible corrective action plans.
  • Map controls to the applicable risks that it mitigates.
  • Maintain Unified Control Framework (UCF) for technology organization including proactively identifying changes and analyzing the impact to applicable regulations / frameworks.
  • Maintain and manage risks and controls within a Governance, Risk and Compliance (GRC) platform for technology and security organizations.
  • Build and cultivate positive working relationships with internal customers with the intention to exceed customer expectations.
  • Generate creative ideas and challenge the status quo.
  • Empower Lending Club's culture of rapid innovation while promoting security and developing trust.

 

 

About You

 

Qualifications

  • Minimum of 3 years of IT Audit, information security and/or risk management and advisory experience.
  • Preferred professional certifications: CISSP, CISM, CISA, CRISC or CIPP.
  • Experienced at conducting quantitative and qualitative risk assessments using common methodologies (e. g. NIST, OCTAVE, FAIR).
  • Well-versed in various information security and risk frameworks/standards (e. g. ISO 31000, ISO 2700x, NIST 800 series).
  • Familiar with GRC platforms and the relationship between risks, controls, test procedures, etc.
  • Familiar with a variety of technical concepts: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy.
  • Concise and clear communication at all levels of an organization, conveying complicated technology and security concepts to both technical and non-technical people.
  • Excellent project management and organizational skills with the ability to meet deadlines and quickly establish clear priorities.
  • Ability to grasp complex issues quickly and have strong critical thinking, analytical skills, and problem-solving skills with a high attention to detail and accuracy.
  • Self-starter who can execute in a fast-paced, high-demand environment while balancing multiple priorities.
  • BA/BS in Information Technology, Information Security, Business Administration, Economics or related field. Preferred Skills.
  • Financial Services, FinTech or Technology experience.  


LendingClub is an equal opportunity employer and dedicated to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender identity, sexual orientation, age, marital status, pregnancy status, veteran status, or disability status. We believe that a variety of perspectives will make our teams and business stronger as we work together to transform the traditional banking system​.

Keep up with the latest.

Get the latest updates from Norwest and insights into the venture capital world.