Posted on 8/25/2022
Remote in USA
- Excellent time management and organizational skills - setting smart priorities when juggling multiple tasks, and making sure they're completed timely
- Crystal clear verbal and written communication - people love how your emails and documentation tell them exactly what they need to know!
- 2-3 years of audit, compliance, risk management, information security or other relevant experience identifying and resolving issues within high-volume cross-functional workstreams
- Knowledge of risk and control frameworks (e.g. NIST Cyber Security Framework, ISO 2700x, SOC1 & 2 (SSAE18), PCI DSS, NIST-800-53, FFIEC Cybersecurity Assessment Tool, SANS Top 20, etc.) and experience with security practices and solutions
- Passion for working with diverse teams, understanding and taking into account each perspective, as an auditor, engineer, business person, and more
- Handle a high volume of vendor security assessments, working with multi-functional teams and external parties to ensure end-to-end efficiency and active communication throughout
- Conduct security control gap assessments and identify, assess, and help escalate the security risks that our third parties pose, obtaining necessary information from these external parties and effectively challenging them where necessary
- Fluently communicate security risks to non-experts to empower our business team members with valuable information
- Manage and maintain a comprehensive vendor inventory with all the information necessary for managing ongoing vendor monitoring and creating meaningful reporting and metrics
- Help in the design and execution of our TPRM process within our new GRC tool
- Work with Legal to ensure that our contracts with third parties have appropriate security terms
Point of sale installment loans for consumers
Affirm seeks to deliver honest financial products—to improve lives. The company operates a buy-now-pay-later platform for consumers at the point of sale.
- Spending wallets: Access tech, food, lifestyle, and family planning wallets for your expenses
- Supportive communities: Get involved with our employee resource groups and community groups
- Remote-first workforce: If your role is remote, you can set up shop anywhere in your home country
- Generous time off: Take the time you need when life happens
- Health benefits: Get a plan that fits your needs
- Mental healthcare: Take care of your mind with great mental health programs
- Parental leave: Birth and non-birth parents get 18 weeks paid leave. Plus, a 4-week return-to-work transition program, at full base pay.
- Compensation: We have a simple, flexible, and transparent remote-first compensation structure so you can make the best decisions for yourself and your family.
- Away days: We offer 24 company-wide paid days off—which help our teams collectively pause to recharge.
- Learning & development: Engage in exciting learning programs to level up your growth.
Company Core Values
- People come first: We consider our impact on people’s lives before we think about our own interests.
- No fine print: We are completely transparent and honest—with our customers and with each other.
- It's on us: We take full accountability for our actions, never shirking responsibility or passing the buck.
- Simpler is better: We make complex things simple and clear.
- Push the envelope: We never stop innovating, taking smart risks, and raising the bar.