Job Details
Experience Level: Experienced Hire
Categories:
- Corporate Services
- Remote - United States, US
- Lead and support KYC, SOC2 and compliance audits and readiness assessments. This includes collaborating with product teams and gathering relevant documentation, conducting internal assessments, and liaising with external auditors.
- Lead and support ISO audits by helping to maintain compliance with ISO standards (e.g., ISO 27001). Contribute to the development and maintenance of policies, procedures, and controls in alignment with ISO requirements.
- Maintain accurate and up-to-date records of audit activities, findings, and remediation efforts. Assist in the preparation of audit reports and documentation for internal and external stakeholders.
- Lead and support ongoing control monitoring efforts by monitoring adherence to policies, procedures, and SOC2 and ISO requirements. Collaborate with teams across the organization to identify areas of improvement and assist in implementing necessary changes. Support efforts to automate and improve monitoring efficiency and coverage.
- Execute internal technology and cyber risk assessments of products and services. Identify vulnerabilities, threats, and potential risks to our products and services. Work with product, technology and cybersecurity teams to mitigate identified risks.
- Monitor and track the progress of risk remediation activities. Collaborate with stakeholders to ensure timely and effective remediation of identified risks and issues.
- Collaborate with clients during customer audits. Assist in providing necessary documentation, responding to audit inquiries, and ensuring compliance with customer-specific requirements. Respond to Moody’s customers to help them complete their vendor risk reviews of Moody’s software products and the information security controls that protect customer data. Work closely with Moody’s sales and legal teams to support the sales process from RFP submission through contract negotiations. Be a trusted expert on information security and controls-related details for Moody’s products. Engage with teams across Moody’s in sales, product management, development, operations, and business continuity to give customers the information they need to complete their risk reviews of Moody’s products.
- Participate in training sessions related to risk management, compliance, and audit processes. Assist in raising awareness of compliance requirements within the organization.
- Develop and maintain strong relationships with key stakeholders, including senior executives, business unit leaders, and external auditors.
- Third Party Risk: Participate in buildout of Moody’s-wide enhanced third party risk management framework and support MA implementation.
- Compliance Monitoring: Support ongoing compliance efforts by monitoring adherence to policies, procedures, and regulatory requirements. Collaborate with teams across the organization to identify areas of improvement and assist in implementing necessary changes. Support efforts to automate and improve monitoring efficiency and coverage.
- 6 to 10+ years’ experience in related audit and risk roles, including in senior leadership positions.
- Experience in technology risk and audit, preferably in Big 4 or financial services.
- Experience in fintech, software, or technology companies.
- Knowledge of internal controls, technology controls, and frameworks such as NIST, COSO, SSAE 18, etc.
- Knowledge of regulation pertaining to financial services and fintech industry.
- Familiarity with software development practices and enterprise technology operations, particularly in public cloud environments.
- Expertise with risk management methodologies and maturity models.
- Excellent verbal and written communication skills. Ability to handle negotiations and difficult conversations.
- Organized, attentive to detail, and able to prioritize and meet deadlines.
- Strong analytical, problem-solving, collaboration, and project management skills.
- Familiarity with Governance, Risk and Compliance (GRC) tools.
- Proficient with Microsoft Office applications.
- Bachelor’s degree or equivalent experience required; graduate degree a plus.
- Relevant certifications preferred (CISA, CRISC, CISSP, CIA, CFE etc.)
About the Company
Moody's
New York City, NY, United States
In a world shaped by increasingly interconnected risks, Moody's helps customers develop a holistic view of these risks to advance their business...