GRC Senior Specialist

Full Time
San Francisco, CA
Areas of Interest: Incident Response, Information Assurance (IA) Compliance, Strategic Planning and Policy Development

SoFi is seeking an experienced senior specialist to assist in all aspects of our governance, risk and compliance program. The GRC Sr. Specialist will report to the Director of Information Security and work with cross-functional teams and external parties to support compliance, risk management and business development activities.

SoFi is a forward-thinking company that is transforming financial services. Recently ranked as one of the fastest growing fintech companies in the U.S., SoFi is nearly 850 employees strong. We offer the excitement of a rapidly growing startup with the stability of a seasoned management team.


  • Assess and track compliance with regulatory and legal requirements relevant to the SoFi business such as GLB, FINRA, NYDFS, Colorado Security Act and contractual commitments
  • Perform vendor security and privacy due diligence
  • Coordinate 3rd party audits of SoFi and SOC 2 audits
  • Drive privacy and information security training and awareness
  • Manage privacy incident response and coordinate remediation activities
  • Maintain information security and privacy policies
  • Manage and document the disaster recovery programs
  • Assist Legal with contract reviews and legal hold activities

Minimum qualifications

  • BS degree in Computer Information Systems or related field
  • 3+ years of experience in compliance, privacy or security risk management
  • Strong program management background and leadership skills
  • Experience with business continuity planning and testing, as well as third-party security management
  • Familiarity with U.S. privacy regulations, SSAE16 SOC1/SOC2 and standards such as NIST and PCI
  • Familiarity with GRC tools
  • Self-starter with strong interpersonal and communication skills
  • Demonstrated ability to assimilate new knowledge

Preferred qualifications

  • Big 4, or management/IT consulting experience
  • Practical experience implementing GRC
  • Experience with vendor risk management
  • CISSP, CISM, CISA, CIPP and similar certifications
  • Experience leading security or privacy training courses


  • Catered lunches, a fully stocked kitchen, and subsidized gym membership.
  • Competitive salary packages and bonuses.
  • A flexible vacation policy allows you to truly relax and reboot.
  • Comprehensive health, vision, dental, and life insurance as well as disability benefits.
  • 100% of health, vision, and dental premiums paid by SoFi for employees and their dependents.
  • 401(k) and education on retirement planning.
  • Tuition reimbursement on approved programs, up to $5,250 a year.
  • Monthly contribution to help you pay off your student loans.



SoFi is a new kind of finance company. From unprecedented products and tools to faster service and open conversations, we’re all about helping our members get ahead and find success. Whether they’re looking to buy a home, pay off their student loans, ascend in their careers, or invest in the future, the SoFi community works to empower our members to accomplish the goals they set and achieve financial greatness as a result.

Company Industry: Financial Services
Company Type: Privately Held
Company Size: 501-1000