FreshRemote.Work
Sign in

IT Security Risk Management Lead

Remote US

Affirm logo
Affirm Remote-first
USD 142K+ Full Time Senior Mid
Company preview All jobs at Affirm
Search Fresh Jobs Job profile

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

We are seeking a Security Risk Management Lead to join our Security Risk Management team at Affirm. The Security Risk Management team builds and deploys common governance, risk, and compliance processes and controls, conducts audits, and ensures that technologies and business processes are built with data protection and compliance in mind! Affirm values security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products.

What You'll Do

  • Develop complementary control frameworks that define the security responsibilities of Affirm and its third parties, including vendors, merchants, and partners.
  • Mature our third-party security risk processes by working with a broad range of technical and non-technical stakeholders.
  • Own the end-to-end execution of third-party due diligence and issues management, ensuring alignment with stakeholders throughout.
  • Design and generate metrics and reports on risk indicators, issues, and the efficiency of our operations.
  • Support Legal in our contract reviews and negotiations to ensure appropriate security terms are in place.
  • Provide best-in-class support for our client-facing teams and security assurance to our business partners as well as find opportunities to enhance this program and build internal and external relationships.
  • Fluently communicate security risks to non-experts to empower our business with valuable, actionable information.
  • Develop, curate, and disseminate security governance documentation, ensuring awareness amongst stakeholders and employees.
  • Partner with engineering and IT to define and document policies and technical procedures for secure and compliant treatment of sensitive data.

What We Look For

  • Excellent project management and collaboration skills—setting goals and priorities, taking into account dependencies, and handling execution from start to finish.
  • A drive to solve difficult problems and evolve the status quo with technical and non-technical solutions—you’re never satisfied by just ticking a box.
  • Crystal clear verbal and written communication—people love how your emails and documentation tell them exactly what they need to know.
  • 3-5 years of risk management, information security, or other relevant experience working with technical teams and balancing risk against business need.
  • Passion for working with diverse teams and taking into account each perspective, e.g. as an auditor, engineer, …
This job isn't fresh anymore!
Search Fresh Jobs

Job Profile

Regions

North America

Countries

United States

Restrictions

Limited number of roles remain office-based Remote US Visa sponsorship not available

Benefits/Perks

100% subsidized medical 100% subsidized medical coverage Competitive benefits Competitive vacation and holiday schedules Dental and vision coverage Employee stock purchase plan Equity Equity rewards ESPP Flexible Spending Flexible Spending Wallets Health care coverage Inclusive interview experience Inclusive interview experience for all Monthly stipends Monthly stipends for health Remote-first company Subsidized medical coverage Tech spending Time off Transparent pay structure Wellness Wellness and tech spending

Tasks
  • Communicate security risks
  • Communicate security risks to non-experts
  • Design
Skills

Audits Collaboration Communication Compliance Compliance Processes Data Protection Engineering Execution FFIEC Cybersecurity Assessment Tool Information security ISO 2700x IT Security Metrics Negotiations NIST 800-53 NIST Cyber Security Framework Operations PCI PCI DSS Project Management REST Risk Management SANS SANS Top 20 Security Assurance Security governance SOC 1 SOC 2

Experience

3 - 5 years

Education

Engineering

Timezones

America/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9

Remote Jobs in North America Remote Jobs in Europe Remote Jobs in South America Remote Jobs in Asia/Pacific Remote Jobs in Africa Remote Jobs in Middle East Full Time Remote Jobs Part Time Remote Jobs Internship Remote Jobs Contract Remote Jobs Temporary Remote Jobs Freelance Remote Jobs Mid-Level Remote Jobs Senior-Level Remote Jobs Entry-Level Remote Jobs Exec-Level Remote Jobs Lead-Level Remote Jobs
Remote Pathologist Jobs Remote Engineer I Jobs Remote Contract Jobs Remote Project Manager Jobs Remote Machine Learning Jobs Remote Analytics Jobs Remote Business Development Jobs Remote Therapist Jobs Remote Advisor Jobs Remote Mobile Jobs Remote Technician Jobs Remote Assistant Jobs Remote Growth Jobs Remote Data Scientist Jobs Remote Program Manager Jobs Remote Audit Jobs Remote Administrator Jobs Remote Corporate Jobs Remote Customer Success Jobs Remote Inside Sales Jobs
Remote Jobs with CAD > 180K in Salary Remote Jobs with EUR > 200K in Salary Remote Jobs with EUR > 220K in Salary Remote Jobs with GBP > 300K in Salary Remote Jobs with GBP > 260K in Salary Remote Jobs with GBP > 280K in Salary Remote Jobs with CAD > 200K in Salary Remote Jobs with EUR > 240K in Salary Remote Jobs with CAD > 220K in Salary Remote Jobs with EUR > 260K in Salary Remote Jobs with CAD > 240K in Salary Remote Jobs with CAD > 260K in Salary