Lending Club (NYSE: LC) opened in 2007 with one simple mission: create a more efficient, transparent and customer-friendly alternative to the traditional banking system that offers creditworthy borrowers lower interest rates and investors better returns. Today, we’re the world’s largest online credit marketplace, and we’re radically changing the way lending operates. We’re proud of the recognition we’ve received, including being named a World Economic Forum Technology Pioneer, a CNBC Disruptor 50, and one of The World’s 10 Most Innovative Companies in Finance by Fast Company. We’re conveniently located in downtown San Francisco, California.
The Senior Director, Technology Risk will direct the company’s efforts to develop and promote the technology oversight framework. Technology risk encompasses all risks related to design, develop, and deploy application, infrastructure and end user technology solutions to meet business objectives with required ability and resiliency, specifically the risk of architecture & design, technology change, technology availability, disaster recovery, system security and end user computing. The primary responsibilities include defining and maintaining risk frameworks, defining and monitoring for compliance against 2nd Line of Defense technology risk management policies and standards, monitoring and reporting aggregated risk and risk response, performing risk review and evaluation to identify and respond to risks and enable business objectives and decision-making, and driving continuous improvement of risk management capabilities across businesses and divisions. The Senior Director leads a team of 2 direct reports. This role is responsible for understanding technology risks by analyzing, anticipating and tracking the evolving risks. The role will be responsible for reviewing and synthesizing metrics and reports and sharing information and trends with key business leaders.
Technology Risk Identification, Assessment and Evaluation:
- Identify, assess and evaluate technology risk to create and execute the enterprise risk management strategy.
- Analyze risk scenarios to determine their impact on business objectives.
- Develop a risk awareness program and conduct training to ensure that people understand risk and contribute to the risk management process and to promote a risk-aware culture.
- Identify legal, regulatory and contractual requirements, along with policies and standards related to technology systems/applications to assess their potential impact on the business objectives.
- Identify and evaluate risk response options and provide management with information to enable risk response decisions.
- Remediation and incident response oversight.
Technology Controls Consulting & Monitoring:
- Review technology policies, standards and procedures to verify that they address LendingClub's internal and external requirements.
- Assess and recommend tools and techniques to automate technology control verification processes.
- Provide technology control status reporting to LCers to enable informed decision-making.
- Facilitate the identification of metrics and key performance indicators to enable the measurement of technology control performance in meeting business objectives.
- Monitor and communicate key risk indicators (KRIs) and management activities to assist in decision-making processes.
- Technology Policies/Standards Governance and Compliance
- Ensures that all technology-related policies and procedures are aligned with regulatory requirements.
- Participates in technology projects and initiatives to bring precautionary risk management focus into the solutions.
- Bachelor's degree or equivalent in Business, Economics, Finance, Technology, Accounting or equivalent.
- 8+ years of experience in technology or information security related field - financial/banking industry experience preferred.
- Practical experience in internal/external audits, risk management - methods and techniques for the assessment and management of risk.
- You are able to summarize and communicate technical data to a non-technical audience.
- You have the ability to work in a collaborative environment.
- You love taking ownership of initiatives and issues and lead them to completion.
- Craft reports and analyze reports for a diverse group of people.
- Experience in vulnerability assessment, security incident response and application security preferred.
- Knowledge and skills across: Coso, ISACA Risk IT framework, ISACA, COBIT 5.0, ISO 31000-series and 27000-series, 13335, NIST Cybersecurity framework
Why Join Us?
We offer all the important stuff like competitive salaries, equity, 100% paid medical and dental, and because we've been around longer we also have stuff like great food, game rooms, a super convenient location in downtown SF and a 401K match. More importantly, we're the clear market leader, which gives us awesome momentum. As Forbes put it, "While not often thought of as a "sharing economy" company, given the massive size of the financial industry Lending Club could end up being one of the most disruptive–and largest–companies in this sector." We think one of our own employees put it best: "Many companies talk about reshaping an industry, but Lending Club is one of the few that is actually achieving this lofty goal. Growth comes in monthly leaps that just seem to keep accelerating, leading to ever-larger opportunities. There is an intriguing focus on how to get more efficient and do bigger things. Working here is definitely a chance to be a part of something special."