IT Risk Manager, ODX
Innovation, collaboration, and success: at ODX, We Make It Happen. We’ve changed the way small businesses access financing. With the spirit of a fintech startup and the stability of a larger organization, the ODX team unites around the goal of leading the future of small business lending technology. Here, everyone has a voice and sharing ideas is celebrated and encouraged. We have a bold and challenging journey ahead, and we can’t wait to make it happen together.
Reporting to the Director, Technology and Operations, your best work will result in building strong rapport and trust with our clients vis a vis our technical acumen and compliance with industry and international standards.
As Information Technology (IT) Risk Manager at ODX on the Technology Team, you will:
- Enforce and drive improvements on strategy/employment of access controls, compliance, audit, and penetration testing that supports and enables risk management and standards compliance. Challenges here include identifying where and how we use data; ensuring that preventive/detective/corrective controls are in place and functioning effectively; staying current with regulations and contractual agreements governing the use of data.
- Collaborate closely with teams to understand product design and services provided to our customers/partners, how data is processed and retained, what business processes make use of the data and why, and how the controls provide proper security and compliance. Be a representative for our customers, making sure that customer data is safeguarded and used ethically and responsibly.
- Organize and lead Risk/Privacy/Compliance training across teams, in order to educate and inform employees about our practices and standards, raise the level of cooperation and help people to understand the rationale for the rules.
- Manage internal and external audit and testing programs, reporting risks and areas that need correction to the senior management team and prioritizing compliance work.
- Review and respond to security questionnaires and contract questions from customers on ODX information security policies and practices.
- Regularly review and respond to internal requests regarding RBAC and entitlements.
Qualifications to make it happen:
Required
- Bachelor's degree (or equivalent) in Business Administration, Computer Science, Information Systems, or related field
- You are familiar with contractual compliance obligations, contractual security, privacy and completing security questionnaires and reviews
- Experience defining and implementing appropriate methodologies for auditing, and IT Risk
- You can speak intelligently about situational awareness, change management, access control, and incident response
- You have demonstrated ability to communicate complex or detailed technical topics to a non-technical business audience, clearly conveying risk assessments, actions needed, and cost implications
- You have a general understanding of privacy and compliance legislation as it is evolving in the US, UK and Europe, including the GDPR
- Experience in working with legal, audit, and compliance staff
- Experience with Vendor Management, and Third-Party Risk Management
- Experience in developing and maintaining policies, procedures, standards, and guidelines
- Experience working with development teams using Agile Methodology and Cloud technologies
- Experience in driving risk-based decisions supporting business owner expectations and needs
- Excellent decision-making, problem solving and organizational skills with the ability to multi-task in a fast-paced environment
- Strong knowledge and experience of applicable frameworks and regulatory requirements, e.g. SOC 2, ISO 27001, CSA, PCI-DSS, NIST
- Exceptional written and verbal communication skills; ability to effectively interact with all levels of the organization including senior management
About OnDeck:
OnDeck is the largest online small business lender in the U.S. Since 2007, we’ve issued over $12 billion in loans for many business needs including inventory purchase, equipment acquisition, hiring, and general corporate purposes. Serving more than 700 industries throughout the country, OnDeck has been trusted by over 100,000 small businesses by providing them with a term loan or line of credit to help them build a growing and thriving enterprise.
About ODX:
ODX’s ground-breaking partnership efforts with banks began in 2015 and have subsequently proved that a bank and a financial technology (FinTech) company can work collaboratively to mutual benefit on a digital lending platform. ODX is now offering expanded platform solutions for small business lending to a broad range of banks and financial institutions globally.
Click here for a glimpse inside our offices
At OnDeck, it’s We Before Me. We support each other and we love seeing people succeed. That’s why we offer a competitive and comprehensive benefit program with a variety of options and opportunities. We offer:
- Flexible Paid Time Off; Paid Sick Days; Paid Holidays; Paid Birthday
- Comprehensive Healthcare (Medical/Dental/Vision/Life Insurance)
- Wellness Subsidy and Mental Health Coaches
- Voluntary Auto/Home/Pet Insurance
- Educational Reimbursement; Flexible Working Arrangements
- 401k Matching, Loan Consolidation, Employee Stock Purchase Program
- Paid Parental Leave and Sabbaticals
- Affinity Groups and Volunteer Events
We are going to ask you to talk about your accomplishments. Here are some of ours:
- Built in Colorado, Top 100 Digital Companies in Colorado, 2015, 2016, 2017
- Built in NYC’s 100 Best Places to Work, 2019
- Colorado SHRM Best Companies to Work For in Colorado, 2015
- Crain’s New York Best Places to Work, 2013, 2014, 2015
- Crain’s New York Business Fast 50, 2013, 2014, 2016, 2017
- Denver Business Journal Largest Technology Employers in Denver, 2019
- Denver Business Journal Best Places to Work, 2019
- FinTech Breakthrough Award – Best Overall LendTech Company, 2018
- Fortune 50 Best Workplaces for Diversity, 2016
- Fortune 50 Best Small and Medium Companies to Work For, 2016
- Fortune 30 Best Workplaces in Finance and Insurance, 2016
- Fortune.com and Great Place to Work 100 Best Workplaces for Millennials, 2015
- Fortune/Great Place To Work Great Rated! People’s Picks: 20 Great Workplaces in Financial Services, 2015
- Forbes’ America’s Most Promising Companies, 2013, 2014
- Great Place to Work Certification, 2017, 2018, 2019
- Inc. 500|5000, 2013, 2014
- Inc. Hire Power, 2013
- Lending Tree’s Top Rated Customer Satisfaction, Q1 2018
- Selling Power Magazine Best Company to Sell For, 2013, 2014, 2015, 2016, 2017, 2018, 2019
- US News & World Report, “Best Unsecured Business Loans of 2018” – Best for Term Loans
- Washington Post Top Places to Work, 2019
- WorldatWork, 2017 Seal of Distinction
- TalentDesk’s Best Large Companies for Computer Science Jobs in Arlington, Virginia: #1, 2019
- TalentDesk’s Best Companies for Customer Service Jobs in Denver, Colorado: #1, 2019
- TalentDesk’s Best Companies for Quality Assurance Jobs in Denver, Colorado: #1, 2019
As part of our dedication to maintaining an inclusive and diverse workforce, OnDeck provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, OnDeck complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
OnDeck expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of OnDeck’s employees to perform their job duties may result in discipline up to and including discharge.
**No external recruiters or agents, please.**