Staff Engineer, GRC

Are you looking for a friendly, fast-paced workplace with an emphasis on helping customers and empowering team members? Snap Finance is a thriving leader in the financial services industry, and our team members are the foundation of our success. Snap knows that happy, empowered, and engaged team members are essential to innovation and business success- and our approach is working. Come join us!

Job Description

Key Responsibilities:

• Strategic Design and Implementation:
  • Develop and implement an integrated information security, compliance, and privacy controls model aligned with industry standards and organizational objectives.
  • Drive the creation and execution of the security and privacy compliance roadmap, ensuring alignment with regulatory requirements and industry best practices.
• Risk and Compliance Management:
  • Conduct risk assessments to identify vulnerabilities, privacy risks, and gaps across critical service areas, and formulate effective remediation plans.
  • Oversee audit activities related to security, compliance, and privacy, ensuring thorough and timely completion, and manage the integration of audit findings into the respective programs.
• Privacy Program Management:
  • Develop and implement privacy policies and procedures in compliance with relevant data protection regulations (e.g., GDPR, CCPA).
  • Lead efforts to ensure data protection by design and by default and oversee the management of data subject rights requests and data breach responses.
• Stakeholder Engagement:
  • Provide exceptional support to both internal and external stakeholders, delivering a world-class experience related to information security, risk, compliance, and privacy.
  • Accurately communicate the organization’s compliance and privacy position and programs to customers and other key stakeholders.
• Process Optimization:
  • Build and enhance automated, scalable, and efficient security, compliance, and privacy processes.
  • Drive continuous improvement initiatives to strengthen the risk, compliance, and privacy programs and overall security posture.
• Monitoring and Reporting:
  • Lead continuous monitoring efforts, manage remediation activities, and report on control effectiveness and status.
  • Maintain comprehensive evidence documentation to ensure repeatable and auditable processes related to security, compliance, and privacy.
• Cross-Functional Leadership:
  • Coordinate cross-functional team meetings to address and close control gaps effectively in the areas of security, compliance, and privacy.
  • Foster partnerships across the organization to align on compliance and privacy goals and ensure cohesive execution of related initiatives.:

You…

• Education: Bachelor’s degree in Computer Science, Information Security, Business Administration, Privacy Law, or a related field. Advanced degree or relevant certifications (e.g., CISSP, CISM, CISA, CIPP) preferred.
• Experience: Extensive experience (minimum 10 years) in security, compliance, and privacy roles, with a proven track record in a leadership position. Hands-on experience in conducting audits and risk assessments against information security and privacy frameworks is essential.
• Technical Skills:
  • Deep understanding of compliance frameworks and privacy regulations such as SOC 2, ISO 27001, NIST CSF, PCI, HITRUST, GDPR, CCPA.
  • Proficiency in writing and implementing Information Security and Privacy Policies, Standards, Guidelines, and Procedures.
  • Experience with Security Exception processes, risk management, and privacy impact assessments.
  • Familiarity with software development and cloud computing security principles.
  • Experience implementing and managing GRC tools and processes.
• Soft Skills:
  • Excellent verbal and written communication skills, with the ability to articulate complex security, compliance, and privacy concepts to diverse audiences.
  • Strong project management abilities, with a proven track record of driving initiatives from conception through to delivery and control.
  • Detail-oriented with a bias toward action and continuous improvement.

More…

Snap values diversity and all qualified applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Learn more by visiting our website at www.snapfinance.com.

California Residents, please review our California Consumer Privacy Act Notice at https://snapfinance.com/ccpa-notice