Cybersecurity Manager – Third Party Security Risk
| Company | SoFi |
|---|---|
| Location | United States |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s, Master’s |
| Experience Level | Senior, Expert or higher |
Requirements
- Bachelor’s or master’s degree in Computer Science, Information Security, Risk Management, or a related field.
- 7+ years of experience in a Third Party Information Security Assessment role in a Financial Services organization.
- Hold one or more relevant industry certifications such as a CRISC, CISSP, CISA, or CISM.
- Proven ability to quickly assimilate new information and drive for ongoing effective Cybersecurity Program Management best practices.
- Experience with regulatory examinations and a strong technical understanding of audit and testing concepts.
- Ability to thrive in a fast-paced, dynamic environment, managing multiple Assessments and Issues concurrently.
- In-depth knowledge of security frameworks (e.g., NIST, PCI, ISO 27000 series) and regulatory requirements.
- Excellent organizational, leadership, decision-making, and communication skills.
- Strong project management skills with the ability to manage multiple tasks under tight deadlines.
Responsibilities
- Serve as the People Manager for the TPISA utility function and supporting staff team members.
- Set a risk and compliance basis and strategy for third party information security assessment across all business lines, horizontal functions, and legal vehicles.
- Maintain Policy, Standard, and Program Procedures for the TPISA process.
- Conduct outbound Training & Awareness to impacted TPISA stakeholders.
- Manage the TPISA system of record and work with external vendor contacts to maintain, develop, and enhance the platform and related APIs.
- Coordinate with cross-functional teams and stakeholders to ensure TPISA key lifecycle stages and steps are met.
- Engage effectively with key stakeholders from both inside and outside the SoFi Cybersecurity team for formal review and approval of Assessments and Issues.
Preferred Qualifications
- Project Management Professional (PMP) certification.
- Understanding of cloud security frameworks and risk management programs.
- Subject matter expertise in 3 or more Cybersecurity key control domains.
- Experience working in both regulated Financial Services and Financial Technology startup environments.
- Experience working in both US and Offshore geographies.