Senior GRC Analyst
San Francisco, CA

Job Description

Description

Affirm values information security as a critical part in the company's continued success. While we're reinventing credit to make it more honest and friendly, we also safeguard our clients' sensitive information. Your unique mission as a Security Engineer is to identify potential weaknesses and vulnerabilities in the foundational infrastructure and strategically reinforce them, enabling other teams to focus on building honest financial products.

What You'll Do

* Perform risk assessments to determine if the company's information assets are protected from internal and external threats and are aligned with regulatory requirements
* Work across-functional team to design, implement and test various security processes and controls
* Conduct internal security audits and provide technical and business recommendation to process owners to remediate all findings
* Work with the Security team in identifying technical security gaps as reported by internal and external customers
* Business plan development and re-evaluation including IRP, BCP, DRP
* Maintain information security policies and procedures
* Respond to security questions from the external audits and merchant RFPs
* Recommend, integrate and manage risk management & compliance tooling

What We Look For

* 3+ years of experience in Information Security and Risk Management
* Attention to detail and experience with security practices and tooling
* Demonstrated ability driving projects towards completion
* Experience with industry-based information security & control frameworks (NIST Cyber Security Framework, ISO 2700x, SOC1&2(SSAE18), PCI DSS, FFIEC Cybersecurity Assessment Tool, SANS Top 20, etc.).
* Ability to understand and communicate technical issues to non-technical teams.
* BA or BS degree in Information Security, Cyber Security, Computer Science or related field or commensurate experience.
* Professional certification in Information Security or Risk Management (such as CISSP, CISM, CISA, CRISC, etc.) is a plus
* Professional security assurance experience (Government Agency, Public accounting/ consulting background) is a plus

ABOUT AFFIRM

Affirm is reinventing credit to make it more honest and friendly. Started by PayPal co-founder Max Levchin, Affirm gives consumers the flexibility to buy now and make simple monthly payments. Unlike other credit options, Affirm offers transparent payment terms (no fees or compounding interest), and employs advanced technology to reach a broader consumer population.