Technology Risk Manager

Varo is an entirely new kind of bank. All digital, mission-driven, FDIC insured and designed for the way our customers live their lives. A bank for all of us.
Varo is building out a world class Information Security Team as part of the second line of defense. The Technology Risk Manager is a critical role at Varo and will report to the Chief Information Security Officer (CISO).  This role will be responsible for evaluating and managing Information Technology (IT) risks, by carrying out ongoing analysis of the IT control environment including identifying technology risks and gaps, testing and challenging control effectiveness, monitoring remediation status and acting as the liaison with first line technology teams in order to enhance information systems facilitating the business internal control processes, maximize efficiencies and minimize IT-related business risk.

What you'll be doing

• Collaborate and consult with first line IT teams and business teams to enhance internal control processes, risks and controls.
• Identify, review and articulate business risks associated with technical vulnerabilities and risks, including IT risks, controls  improvements and opportunities in support of financial statements and financial reporting requirements.Test and assess adequacy and effectiveness of control structure, along with practical recommendations to improve the effectiveness, efficiency of a control or process.
• Monitor and report on IT risk / IT audit issue remediation progress, escalating to senior management where necessary.
• Carry out and/or lead related second line Information Security and Technology risk management activities as assigned, including cyber security risk assessments, SOC2 reviews, privacy assessments, technology selections & implementations, data analysis.
• Skilled in leading complex discussions across technology and business with subject matter experts, driving towards clear and documented solutions and timelines

You’ll bring the following required skills and experiences

• Bachelor’s degree (or higher) in Computer Science, Information Systems, Accounting, Business Administration or related field required.  Master degree in Information/Cyber Security preferred.7+ years of overall experience in IT Audit, Risks and Controls with a minimum of 3+ years of Big 4 experience in an Information Security/Governance/IT Audit/Advisory role conducting business integrated systems assessments, business process reviews, ICFR, ITGC, SOX or SOC audits.
• 5-7 years of information security and/or IT Audit experience with a financial institution, a fintech company, or a provider to the financial services business sector.
• Current knowledge of best practice IT controls and industry standard models (e.g.,  COBIT5, ITIL, NIST, PCI DSS) and proven understanding of regulatory requirements (e.g., FFIEC CAT, GLBA)CISA certification required.  CISM, CISSP, CPA, CIA, CRISC, CGEIT certifications highly preferred.
• Experience reporting/presenting to the senior management, the Board, and/or Committees of the Board on the status of risk assessments, information security controls.
• Cloud security experience highly desired, AWS preferred.

We recognize not everyone will have all of these requirements. If you meet most of the criteria above and you’re excited about the opportunity and willing to learn, we’d love to hear from you!
About VaroVaro launched in 2017 with the vision to bring the best of fintech into the regulated banking system. We’re a new kind of bank – all-digital, mission-driven, FDIC-insured, and designed around the modern American consumer. 
As the first consumer fintech to be granted a national bank charter in 2020, we make financial inclusion and opportunity for all a reality by empowering everyone with the products, insights, and support they need to get ahead. Through our core product offerings and suite of customer-first features, we aim to address a broad range of consumer needs while profitably serving underserved communities that have been historically excluded from the traditional financial system.
We are growing quickly in our hub locations of San Francisco, Salt Lake City, and Charlotte along with colleagues located across the country. We have been recognized among Fast Company’s Most Innovative Companies, Forbes’ Fintech 50, and earned the No. 7 spot on Inc. 5000’s list of fastest-growing companies across the country.
Varo. A bank for all of us.
Our Core Values- Customers First- Take Ownership- Respect- Stay Curious- Make it Better
Learn more about Varo by following us:Facebook - https://www.facebook.com/varomoneyInstagram - www.instagram.com/varobankLinkedIn - https://www.linkedin.com/company/varobankTwitter - https://twitter.com/varobankEngineering Blog - https://medium.com/engineering-varoSoundCloud - https://soundcloud.com/varobank


Varo is an equal opportunity employer. Varo embraces diversity and we are committed to building teams that represent a variety of backgrounds, perspectives, and skills. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Beware of fraudulent job postings!Varo will never ask for payment to process documents, refer you to a third party to process applications or visas, or ask you to pay costs. Never send money to anyone suggesting they can provide work with Varo.  If you suspect you have received a phony offer, please e-mail careers@varomoney.com with the pertinent information and contact information.
CCPA Notice at Collection for California Employees and Applicants: https://varomoney.box.com/s/ylg3yvjgdtqollctztvhujaa30z5ofi6