Technology Risk Senior Analyst
At OnDeck, we make small business a big deal. We’re improving the world’s economic landscape by changing the way small businesses access capital. We care intensely about each other, our company and the customers we serve, and are committed to making every day count.
As a Technology Risk Senior Analyst at OnDeck, you will:
- Manage technology risk through thoughtful design and implementation of value-added processes and controls.
- Partner with business functions to help them identify, understand, and manage technology controls and risk through education, key metric identification, and completion of risk assessments.
- Team with technology, security, and legal teams to manage the vendor risk management program focusing on the intake process and ongoing assessment of critical third-party relationships.
- Act as key resource during control assessments (internal and external) that are initiated to sustain key business relationships, satisfy regulatory obligations, or support internal risk management efforts.
- Contribute to the Technology Risk team’s effort to define and maintain a risk profile including establishment of key risk indicators, continuous measurement, and support of prioritization of remediation efforts.
Necessary qualifications for success:
- 4-6 years of experience working in Technology Risk, Technology Audit, or a related field. (Big 4 Accounting Firm experience a plus.)
- Driven to creatively and collaboratively solve problems in a way that provides value to OnDeck in addition to minimizing a risk. (We don’t just check boxes at OnDeck.)
- Focus on optimizing processes and minimizing risk through automation.
- Confident familiarity with technical concepts in the following disciplines: technology infrastructure, technology architecture, security, vendor management, business continuity.
- Recent experience with standard control frameworks and building core elements of a Technology Risk Management program (e.g. ISO 27005, CIS, NIST Cybersecurity Framework, SOX 404, SOC1/2, ISO 27001, ISO 27017)
- Recent experience measuring vendor/third party risks (including contract and SOC2 report review)
- Understanding of Privacy and Information Security regulations.
Nice-to-haves (not required):
- Splunk SIEM
- GRC Tools
- Construction and maintenance of governance documentation (e.g. policies)
About OnDeck:
As the largest online small business lender in the U.S. serving more than 700 different industries, we have been trusted by over 50,000 small businesses by providing them with a term loan or line of credit to help them build a growing and thriving enterprise. Since 2007, we’ve issued over $7 billion in capital.
Come be a part of a company that’s changing the game for small business financing.
We offer…
401K Match. Tuition Reimbursement. Paid Parental Leave. Company Outings. Company Sponsored Sports Teams/Clubs. Office Learning & Development Training. Community Involvement.
We are going to ask you to talk about your accomplishments. Here are some of ours:
- WorldatWork, 2017 Seal of Distinction
- Fortune 50 Best Workplaces for Diversity, 2016
- Fortune 50 Best Small and Medium Companies to Work For, 2016
- Fortune 30 Best Workplaces in Finance and Insurance, 2016
- Built in Colorado, Top 100 Digital Companies in Colorado, 2015, 2016, 2017
- Crain’s New York Business Fast 50, 2013, 2014, 2015, 2016, 2017
- com and Great Place to Work 100 Best Workplaces for Millennials, 2015 Fortune/Great Place To Work Great Rated! People’s Picks: 20 Great Workplaces in Financial Services, 2015
- Crain’s New York Best Places to Work, 2013, 2014, 2015
- Colorado SHRM Best Companies to Work For in Colorado, 2015
- Forbes’ America’s Most Promising Companies, 2013, 2014
- Selling Power Magazine Best Company to Sell For, 2013, 2014, 2015, 2016, 2017
- 500|5000, 2013, 2014
As part of our dedication to maintaining an inclusive and diverse workforce, OnDeck provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, OnDeck complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
OnDeck expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of OnDeck’s employees to perform their job duties may result in discipline up to and including discharge.
**No external recruiters or agents, please.**