Employers / Recruiters

Staff Security GRC Lead

creditkarma · 24 days ago
By pressing the button above, you agree to our Terms and Privacy Policy, and agree to receive email job alerts. You can unsubscribe anytime.
Intuit Credit Karma is a mission-driven company, focused on championing financial progress for our more than 130 million members globally. While we're best known for pioneering free credit scores, our members turn to us for everything related to their financial goals, including identity monitoring, applying for credit cards, shopping for insurance and loans (car, home and personal) and savings accounts and checking accounts* -- all for free. Credit Karma has grown significantly through the years: we now have more than 1,700 employees across our offices in Oakland, Charlotte, Culver City, San Diego, London and New York City.

*Banking services provided by MVB Bank, Inc., Member FDIC

Security is a core value at Credit Karma. We help millions of people better manage their credit. Safeguarding their sensitive information is critical to our continued success. From the CEO down to each individual engineer, everyone views security as a personal responsibility.

We are seeking a skilled and experienced Staff Security GRC (Governance, Risk and Compliance) Analyst to join our dynamic team. The successful candidate will play a crucial role in identifying key initiatives based on the organization’s GRC strategy, industry best practices and emerging trends. Additionally, this role will directly support the Director of Security GRC with strategy and roadmap development, and act as a GRC domain advisor to the business.

What you’ll do:

  • Lead and manage enterprise-level GRC projects from initiation to completion, ensuring timely delivery and adherence to project objectives, timelines and budgets.
  • Proactively identify gaps or improvement opportunities in existing GRC processes. Develop and implement frameworks and solutions to enable process maturation, leveraging automation or other mechanisms. 
  • Conduct technical security reviews and risk assessments. 
  • Provide technical guidance and oversight to the GRC team, to ensure effective identification, assessment and mitigation of security risks across the third-party ecosystem, including vendors, partners and cloud service providers.
  • Represent the security organization in discussions and negotiations with third-party entities, effectively communicating our security posture to external stakeholders. 
  • Engage with third-parties, to provide guidance in understanding and adhering to CK’s security standards and requirements, advocating for the implementation of appropriate security controls.  
  • Conduct security audits, assessments and gap analyses to identify areas of non-compliance. Develop and implement remediation plans to address gaps and deficiencies
  • Prepare comprehensive reports and presentations to communicate GRC initiatives, risk assessments, security metrics and dashboards to senior management and relevant stakeholders 

What we’re looking for:

  • 8+ years of experience in cybersecurity, risk management or GRC roles
  • Proven experience in leading the design, implementation and management of enterprise-level GRC programs, with the ability to lead cross functional teams and manage multiple projects simultaneously
  • Proficient in information security principles, risk management frameworks,  compliance regulations and industry best practices

What we’d like to see:

  • Bachelor’s degree in Computer Science, Information Security or equivalent professional experience 
  • Relevant industry certifications (e.g. CISSP, CISM, CRISC, CCSP)
  • Knowledge of, or experience working with, cloud-services environment (GCP, AWS etc) and cloud security controls

What’s great about the role:

  • Carrying out two positive missions at the same time: helping people take back control of their credit and helping to keep their personal information safe.
  • Solving security problems at scale in a highly technology-focused team, with a culture of “how to do this safely”, not a culture of “no”.
  • Spending way less time convincing anyone why security is important and way more time talking about how to manage risk effectively - the importance of security is woven into our DNA already!
  • If you are a driven and experienced Security Risk professional with a passion for continuous improvement and a track record of successfully leading GRC initiatives, we encourage you to apply for this exciting opportunity. 

Benefits at Credit Karma include: 

  • Medical and Dental Coverage
  • Retirement Plan
  • Commuter Benefits
  • Wellness perks
  • Paid Time Off (Vacation, Sick, Baby Bonding, Cultural Observance, & More)
  • Education Perks
  • Paid Gift Week in December

Equal Employment Opportunity:

Credit Karma is proud to be an Equal Employment Opportunity Employer. We welcome all candidates without regard to race, color, religion, age, marital status, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity or gender expression, national origin, veteran or military status, disability (physical or mental), genetic information or other protected characteristic. We prohibit discrimination of any kind and operate in compliance with applicable fair chance laws. 

Credit Karma is also  committed to a diverse and inclusive work environment because it is the right thing to do. We believe that such an environment advances long-term professional growth, creates a robust business, and supports our mission of championing financial progress for everyone. We offer generous benefits and perks with a single eye to nourishing an inclusive environment that recognizes the contributions of all and fosters diversity by supporting our internal Employee Resource Groups. We’ve worked hard to build an intensely collaborative and creative environment, a diverse and inclusive employee culture, and the opportunity for professional growth. As part of the Credit Karma team, your voice will be heard, your contributions will matter, and your unique background and experiences will be celebrated.

Please contact if you are interested in employment with Credit Karma and need special assistance or an accommodation to either apply or interview for a specific role.

Privacy Policies:

Credit Karma is strongly committed to protecting personal data. Please take a look below to review our privacy policies:

Last updated on May 31, 2024

See more

About the company

More jobs at creditkarma


Oakland, California


30+ days ago

London, England


30+ days ago

Charlotte, North Carolina


30+ days ago

Charlotte, North Carolina


30+ days ago

Developed by Blake and Linh in the US and Vietnam.
We're interested in hearing what you like and don't like! Live chat with our founder or join our Discord
🚀 LaunchpadNov 27
Create a site and sell services based on your resume.
🔥 Job search dashboardNov 13
Revamped job search UI with a sortable grid, live filtering, bookmarks, and application tracking.
🫡 Cover letter instructionsSep 27
New Studio settings give you control over AI output.
✨ Cover Letter StudioAug 9
Automatically generate cover letters for any job.
🎯 Suggested filtersAug 6
Copilot suggests additional filters above the results.
⚡️ Quick applicationsAug 2
Apply to jobs using info from your resume. Initial coverage of ~200k jobs in Spain, Germany, Austria, Switzerland, France, and the Netherlands.
🧠 Job AnalysisJul 12
Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.
© 2024 RemoteAmbitionAffiliate · Privacy · Terms · Sitemap · Status