Credit Karma is a mission-driven company, focused on championing financial progress for our more than 100 million members in the U.S., Canada and U.K. While we're best known for pioneering free credit scores, our members turn to us for tips as they work on their financial goals, including helping them monitor their credit, identity monitoring, searching for credit cards, shopping for loans (car, home and personal), filing their taxes with Credit Karma Tax and growing their savings* -- all for free. Credit Karma has grown significantly through the years: we've added more than 70 million members in the last five years alone and now have more than 1,100 employees across our offices in San Francisco, Charlotte, Los Angeles, Leeds, London and soon Oakland.
We are seeking a Technology Compliance Analyst to join our Internal Audit Department. You will be conducting audits and reviews of various areas of Credit Karma’s corporate functions. This is a hands-on audit role with primary responsibility for completing detailed IT testing of processes and controls. You will also assist in performing audit risk assessments and develop audit objectives and procedures. Also, you will prepare working papers to document your testing of key internal IT controls in accordance with departmental and professional internal audit standards. You should have proven ability to establish relationship and work cross-functionally to drive time sensitive deliverables, issues tracking and reporting.
*Banking services provided by MVB Bank, Inc., Member FDIC
What you'll do:
- Perform walkthroughs in order to assist with process documentation
- Test internal controls and identify control deficiencies, analyze impact and exposure, and recommend improvements
- Develop, streamline, and remediate internal controls related to IT, security, operations, and engineering
- Work with external auditors to assist in the completion of annual compliance audits
- Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to align with SOC I & II, ISO 27001, NIST/FedRamp etc.
- Work with internal partners to complete internal audit requirements
- Performs other duties as assigned or necessitated by business, regulatory or emergency situations
What we are looking for:
- B.S. degree required in Management Information Systems, Business or Accounting, or other related field
- 3 - 5 of years experience with one or more of the internal controls frameworks (PCI, NIST 800-53, DoD STIGs, SSAE 18 (SOC), ISO 27001, MS-SDL)
- CISA, CISSP or other relevant certifications strongly preferred
- Big4 or other consulting experience a plus
- Knowledge of the SDLC, agile development, or basic coding principles
- You have or plan to obtain your CISA, CISSP, CIA or other certifications (we'll prepare you and pay for it!)
- Strong technical, analytic, and communication skills (both written and verbal)
Equal Employment Opportunity
Credit Karma is committed to a diverse and inclusive work environment. We believe that such an environment advances long-term professional growth, creates a robust business, and supports our mission of championing financial progress for everyone. We offer generous benefits and perks with a single eye to nourishing an inclusive environment that recognizes the contributions of all and fosters diversity by supporting our internal Employee Resource Groups. We’ve worked hard to build an intensely collaborative and creative environment, a diverse and inclusive employee culture, and the opportunity for professional growth. As part of the Credit Karma team, your voice will be heard, your contributions will matter, and your unique background and experiences will be celebrated.
Credit Karma is also proud to be an Equal Opportunity Employer. We welcome all candidates without regard to race, color, religion, age, marital status, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity or gender expression, national origin, veteran or military status, disability (physical or mental), genetic information, or any other protected characteristic. We prohibit discrimination of any kind and operate in compliance with the San Francisco Fair Chance Ordinance.