Third Party Information Security Assessment Lead Assessor

1 month ago
Full-time
Senior
Cybersecurity
SoFi

SoFi specializes in providing a comprehensive financial platform that empowers individuals to achieve their financial goals through services such as student loan refinancing, debt consolidation, home buying assistance, and investment opportunities, all...

Capital Markets
1K-5K
Founded 2011
$2900M raised

Description

  • Lead and manage TPISA execution for an assigned book of third parties, ensuring timely delivery and adherence to program service level agreements.
  • Serve as the subject matter expert for assigned third parties, assessing inherent risk, control strength, residual risk, and recommended corrective actions.
  • Draft and deliver detailed Issue Capture forms that document TPISA issues, risks, and remediation plans to bring the business into compliance.
  • Coordinate with cross‑functional teams and stakeholders to ensure key TPISA lifecycle stages and steps are met.
  • Work with business units and legal vehicles to determine the source and context of non‑compliance and escalate findings to Governance for review and approval.
  • Use and maintain the TPISA system of record to drive consistency, auditability, and enforcement of lifecycle steps and industry best practices.
  • Engage with Third Party Relationship Managers to drive resolution of completed, incomplete, or past‑due assessments and track remediation plans through governance.
  • Support the TPISA Program Manager on program maturity initiatives, system and tool enhancements, and workload balancing across the team.
  • Partner and communicate with 2nd, 3rd, and 4th lines of defense counterparts on process, risk, and control reviews.

Requirements

  • Bachelor’s or master’s degree in Computer Science, Information Security, Risk Management, or a related field.
  • 5+ years of experience in a Third Party Information Security Assessment role within a highly regulated organization.
  • One or more relevant industry certifications such as CRISC, CISSP, CISA, or CISM.
  • Experience with regulatory examinations and a strong technical understanding of audit and testing concepts.
  • In‑depth knowledge of security frameworks and regulatory requirements (e.g., NIST, PCI, ISO 27000 series).
  • Proven ability to quickly assimilate new information and apply Cybersecurity Program Management best practices.
  • Strong organizational, leadership, decision‑making, communication, and project management skills with the ability to manage multiple assessments and issues concurrently under tight deadlines.
  • Experience working across business, Vendor Management, Procurement, Legal, Compliance, and Risk stakeholders.
  • Nice to have: Project Management Professional (PMP) certification and understanding of cloud security frameworks and risk management programs.
  • Nice to have: subject matter expertise in three or more cybersecurity key control domains, experience in both regulated financial services and fintech startup environments, and experience working in US and offshore geographies.

Benefits

  • Base pay range is provided for the role with final offer determined by experience, skills, and location.
  • Comprehensive and competitive benefits package (details available on SoFi’s Benefits page).
  • SoFi provides reasonable accommodations for candidates with physical or mental disabilities during the application and interview process.
  • SoFi is an equal employment opportunity employer and maintains an inclusive culture; note that remote work from Hawaii and Alaska cannot be accommodated due to insurance coverage constraints.


