Senior Governance Risk and Compliance Analyst

Dave is searching for a skilled and experienced Senior GRC Analyst to play a key role in ensuring the security and compliance of our products. You will drive governance, risk, and compliance initiatives, implement and oversee the compliance plan, manage and mitigate organizational risk, and provide expert advice to internal stakeholders. Your passion and motivation for security and compliance will be essential in advancing our overall security posture and ensuring that our products and practices align with industry standards and regulations.

What you’ll do

• Lead efforts to take regulatory, risk, and cybersecurity frameworks and translate them into systems and control.

• Work with business and technology stakeholders to build controls to meet enterprise security & compliance needs

• Conduct regular risk assessments, including technical audits of our internal systems & third parties to identify technical risks to the company

• Stay informed of cybersecurity laws, regulations, and compliance requirements to ensure the organization's policies align with industry standards. 

• Communicate clearly and champion security standards and best practices

• Develop and build security governance KPIs to support a data driven culture to security

What you’ll need

• Bachelor's Degree (BA/BS) from a four-year college or university.

• Minimum of 4 years of experience working in technical roles, with an additional 2- 3  years working in a compliance, privacy, risk, and/or security capacity developing risk-based policies and controls.

• Expertise leading compliance initiatives, such as PCI DSS, SOX IT Audits, SOC 2/ ISO 27001, NIST SP 800-53, and evaluating risk against organizational standards.

• Experience conducting technical audits of modern technical stacks, such as public cloud (Google Cloud Platform, Amazon Web Services), Github/Gitlab, Snowflake, IDP (Okta).

• Deep knowledge of defining, documenting, updating, and/or mapping controls, policies, procedures, and exceptions.

• Background in managing enterprise risks and mitigation efforts.

• Comfortable with infrastructure as code, query languages,  and experience with scripting languages.

• Ability to self-manage work and meet important deadlines in a fast-paced, rapidly evolving environment. 

• Strong track record of successful collaboration across a diverse range of stakeholders, including internal teams and external parties (auditors, legal teams, engineers, etc.).

• Excellent research and communication skills with the ability to effectively translate needs and requirements across multiple disciplines. 

Don’t let imposter syndrome get in your way of an incredible opportunity. We’re looking for people who can help us achieve our mission and vision, not just check off the boxes. If you’re excited about this role, we encourage you to apply. You may just be the right candidate for this or other roles.

Why you’ll love working here: 

At Dave, our people are just as important as our product. Our culture is a reflection of our values that guide who we are, how we work, and what we aspire to be. Daves are member centric, helpful, transparent, persistent, and better together. We strive to create an environment where all Daves feel valued, heard, and empowered to do their best work. As a virtual first company, team members can live and work anywhere in the United States, with the exception of Hawaii. 

A few of our benefits & perks:

💚 Opportunity to tackle tough challenges, learn and grow from fellow top talent, and help millions of people reach their personal financial goals

💻 Flexible hours and virtual first work culture with a home office stipend

🏥 Premium Medical, Dental, and Vision Insurance plans

👶 Generous paid parental and caregiver leave

💰 401(k) savings plan with matching contributions

📈 Financial advisor and financial wellness support

🏖️ Flexible PTO and generous company holidays, including Juneteenth and Winter Break

🎉 All-company in-person events once or twice a year and virtual events throughout to connect with your team members and leadership team

Dave Operating LLC is proud to be an Equal Employment Opportunity employer and is dedicated to cultivating a diverse and inclusive workplace. We will consider for employment all qualified applicants and do not discriminate on any basis protected by federal, state, or local law, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance relating to an applicant's criminal history.

#LI-REMOTE