Cyber Governance and Education Manager

October 13

Apply Now

Receive Emails with Similar Jobs

Oportun

WebsiteLinkedInAll Job Openings

Financial Services • Responsible Lending • Pre-Paid Debit Cards • Serving the Underbanked • Data Analytics

1001 - 5000

Description

• The Security Policy Manager will have two principle responsibilities: management and maintenance of all policies, standards, and procedures related to technology and cyber security and building security education materials. • This role is fully remote. • Develop and maintain information security policies, standards, and procedures, in alignment with company requirements, making recommendations and driving changes as needed. • Effectively facilitate discovery meetings with technical leads to understand documentation requirements about system processes/procedures and translate technical information into well-organized and concise content. • Maintain continual awareness of developments and incorporate industry best practices and regulatory guidelines including but not limited to FFIEC, NIST CSF 2.0, FTC, and PCI. • Develop an intimate understanding of Oportun’s technology and security processes, tools, and specifics of homegrown systems. • Review content to ensure that it is presented in an engaging manner with relevant industry examples and use cases while ensuring the quality, accuracy, and time to deliver. • Proactively seek continuous improvement opportunities in process/policies/standards. • Develop metrics and dashboards to track program effectiveness and maturity. • Develop and maintain security education materials including annual awareness training program, secure developer training, and more informal learning opportunities upon request from various leaders. • Ensure preservation of required compliance artifacts such as document approvals and participation in mandatory trainings.

Requirements

• 7+ years of proven technical writing and data and technology governance management. • Proficient in style guidelines for user interface and ability to enhance the overall user experience by providing clear and concise information. • Excellent written and verbal communication skills, strong interpersonal skills and the ability to partner with developers, engineers, SMEs and cross-functional teams to translate technical concepts for all audiences. • Highly motivated self-starter with a meticulous attention to detail and time management skills • Demonstrated experience working with content management tools such as Sharepoint, Confluence, and standard MS Office tools (e.g., Word, Excel, PowerPoint) • Ability to learn complex concepts quickly and explain them clearly to end users and technical audiences. • Familiarity with IT/ security control frameworks (e.g. SOC 2, NIST CSF 2.0, PCI 4.0+, FFIEC CAT), and relevant professional standards and regulations. • Experience with common GRC solutions • BA/BS degree in Computer Science or a related field, or relevant professional experience.