The Role:
As a member of the Technology Risk Management (1LOD) team, you will be responsible for actively coordinating and supporting risk and control first line risk management activities across technology functions. This unique opportunity will allow you to work with talented teams and stakeholders across the organization's lines of defense to drive the improvement of SoFi's overall risk posture. You will work with technology, business, and information security teams to assess the risk and control environment, identify key areas for improvement, support the establishment and monitoring of effective controls, and contribute to monitoring and reporting of key metrics.

What You'll Do:

• Partner with technology and business stakeholders across the organization to enable and promote management of technology risks
• Support the issue management process for the technology organization; raising investigative questions throughout the process, supporting development of remediation strategies and risks/controls, and contributing to trends analysis
• Interface with technology and business process/control owners to drive the execution and completion of Risk and Control Self-Assessments (RCSA), continuous development of Risk Control Matrices (RCM), and other independent risk activities as needed
• Collaborate with cross-functional teams to understand, support, and assist with remediation of technology gaps and monitor them through completion
• Work with team members to ensure risks and processes are properly documented and corresponding controls are designed effectively to address external and internal requirements
• Assist with creation and development of controls, control attributes, and control effectiveness testing plans
• Drive continuous improvement and provide input to technology risk management processes, policies, procedures, and metrics
• Assist with refining and maintaining the overall technology governance framework
• Build connections and develop strong rapport across enterprise risk, internal audit, and other corporate compliance functions to align and enable technology risk governance, oversight, and reporting
• Demonstrate a deep sense of curiosity and willingness to learn and run after problems

What You'll Need:

• 7+ years of professional and relevant experience in Technology Risk Management, including exposure with a Financial Technology - Framework (FFIEC, COBIT, PCI, etc.)
• Bachelors' Degrees in Computer Science, Systems Engineering, Information Technology or equivalent technical experience
• Strong risk assessment and process evaluation experience
• Experience performing Technology risk or cyber security assessments, Control/Compliance assessments or IT Audits
• First-hand experience working with various technology and governance frameworks
• Knowledge of regulatory requirements for financial services organizations and an understanding of how to adhere to internal controls and external regulations
• Proven ability to identify technology risks, analyze gaps/issues, propose/lead remediation efforts, and provide insights regarding risk exposure and trends
• Experience working in an Agile development environment
• Flexible and adaptable; able to work through ambiguous situations to create clear systems and processes in an evolving regulatory environment
• Strong partnership capabilities and ability to build and foster strong cross-functional work relationships
• Excellent communication skills (verbal, written, and visual); ability to communicate technology and security concepts to both technical and non-technical partners

Nice To Have:

• Industry certification(s) (e.g. CRISC, CISA, CISSP, CISM)