Director of Technology Risk
Best Egg - Wilmington, DE
Employment Type : Full-Time
Marlette Funding is a consumer financial technology (fintech) business that offers consumers low-rate personal loans up to $50,000 through its Best Egg® brand.
Marlette has experienced tremendous growth since its inception in 2014, with over $10B in consumer loans originated. Today, we’ve grown to over 200 employees, enjoy strong employee engagement scores and have been recognized numerous times as a best workplace in the mid-sized and fintech categories.
Our goal is to create a positive workplace where our employees develop and thrive. To accomplish this we hire smart, highly driven people and frequently solicit their input and feedback to ensure that our culture and work environment meets their needs. Employees receive plenty of perks including competitive salary, bonuses, 401k match, generous PTO and holidays, a well-stocked kitchen (when we’re back in the office) and numerous fun events and charitable opportunities.
Marlette celebrates diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives and skills. The more inclusive we are, the better we will grow.
We are looking for a Director of Technology Risk to add to our growing Fintech Information Security team, this is a Full-Time position with excellent benefits and growth potential.
We are currently 100% virtual / remote - this role reports to our headquarters in Wilmington, Delaware. Our ideal search is specified to a candidate that is local and able to travel to the office in Wilmington after it is safe to do so and our operations returns onsite. We will maintain a remote flexible workplace, desired to be onsite a few times a week.
The Director of Technology Risk provides Technology Risk and Reporting Oversight and serves as the chief point of contact to manage reputational and compliance risk for technology initiatives, manages our technology risk appetite process, and provide support to our Enterprise Risk Reporting process. This individual will be responsible to communicate risk policies and processes across technology. They will also assure controls are operating effectively and provide guidance and support. This individual must have excellent quantitative and analytical skills, along with the ability to apply those skills across a variety of business processes. Duties & Responsibilities- Consulting with business stakeholders on the design and optimization of technology controls utilizing a general knowledge of business processes, accounting, and information technologies
- Create internal technology control documentation including narratives, processes and data flows
- Manage Technologies engagement in annual SOC and PCI attestations as well as other third-party opinion services
- Support external financial statement and SOX compliance engagements for application and information technology general computer controls assisting financial audit and Sarbanes-Oxley compliance teams in the identification of control objectives and the design of control procedures to address those objectives.
- Assessing IT security policies, procedures, and controls of Technology applications, networks, operating systems, and other components of the technology infrastructure
- Reviewing, documenting, evaluating and testing application controls, particularly automated controls on a wide range of systems and software applications across business processes
- Identifying internal IT controls, assessing their design and operational effectiveness, determining risk exposures and developing remediation plans and determining technical and business impact of identified security and control issues and providing remediation guidance
- Communicating findings and recommendations to management
- Helping grow Marlette's business through involvement in various Capital Markets opportunities
Requirements- Development
- Bachelor's degree or equivalent
- Five or more years of experience in business process controls and IT risk management, internal audit, IT security, or other IT compliance related work
- Experience leading and managing staff; experience managing projects
- Experience managing people, mentoring staff, providing performance feedback, and monitoring workloads of the team while meeting stakeholder expectations
- Strong understanding of information technology controls and security experience in a widely used financial application (SAS, Oracle, Microsoft, etc.) is preferred
- Good understanding of relevant regulations and industry standards (e.g., FFIEC, SOX, NIST, ITIL, ISO27001, PCI, and GLBA) and best practices and methodologies to address these requirements. Ability to apply these requirements to organizational internal control frameworks
- Professional certifications including Certified Information Systems Auditor® (CISA®), Certified Information Systems Security Professionals® (CISSP®); Certified Information Security Manager® (CISM®) and/or Certified Information Privacy Professional (CIPP)
- Must be able to interpret and convey technical information to all levels of technical aptitude, including executive management. This includes written and oral communications
- Ability to articulate, write and present information in a clear and concise manner
- Strong time management and organizational skills with the ability to manage multiple priorities successfully
Leadership- Comfortable interacting and engaging with colleagues from all levels of management across all business units and third party development firms.
- Demonstrated technical leadership skills including self-direction, coaching and mentoring, leading change through tooling or practices
- Previous experience leading Associate-level colleagues OR demonstration of effective leadership characteristics
- High self-efficacy, highly motivated, well organized, capable of developing and executing a project plan, and able to communicate status effectively
Culture- Advocate and practitioner of Agile methodologies (XP, Scrum, Kanban, Lean, Continuous Improvement, Pair Programming)
- Ability to succeed within a cross-functional team emphasizing Collective Ownership in a fast-paced environment
- Be confident and willing to challenge status quo but also willing to concede and execute other’s ideas when necessary
- Capable of teaching and learning from others to promote continuity of knowledge and personal development
- Ability to work effectively independently and as a team member
- Excellent written and verbal communication skills
Thank you for your interest! Qualified candidates will be contacted within a few business days to start conversations with our Talent Acquisition team.
Our Brand:At Best Egg, we believe money should be accessible so people can reach their goals, live a fuller life, and feel pride in knowing they have taken control of their finances. For those who need extra money to achieve the progress they seek in life, Best Egg is the modern solution-minded finance provider that mixes decades of banking experience with smart technology and deep customer insight to create products designed for today’s borrower, so that people can establish a smoother financial path. The egg symbolizes protection and a fresh start.
Looking for a way to stand out?Send a follow up email to Talent Acquisition: savannah.scalyer@bestegg.com with your name and position of interest in the subject. In the email please include: Your resume attachment and a brief introduction highlighting what about this role stood out to you the most.
Recruiting Agencies: We appreciate what you do and understand how challenging it can be, however please do not send us unsolicited resumes or cold outreach to our employees, job listings or recruiting team.