About GreenSky

GreenSky LLC, headquartered in Atlanta, is a leading technology company Powering Commerce at the Point of Sale® for a growing ecosystem of merchants, consumers, and banks. GreenSky’s highly scalable, proprietary and patented technology platform enables merchants to offer frictionless promotional payment options to consumers, driving increased sales volume and accelerated cash flow. The GreenSky® Program is operated on behalf of, and financing is offered and made by, federally insured, federal or state chartered financial institutions, which leverage GreenSky’s technology to offer and make loans to primarily super-prime and prime consumers nationwide. Since GreenSky’s inception, nearly 6 million consumers have financed more than $50 billion of commerce using GreenSky’s real time “apply and buy” technology.

Position: Senior Specialist, Enterprise Risk Assurance

Location: Atlanta, GA

The Enterprise Risk Assurance Senior Specialist reports into GreenSky’s Enterprise Risk Assurance (ERA) team and is responsible for day-to-day activities across the entire scope of GreenSky’s Technology Governance, Risk, Compliance, and Privacy Assurance programs. This position works closely with Operations, Information Technology, Security, HR, and other business units to develop proper processes that sufficiently identify and mitigate risk.

In this role, The Senior Specialist is responsible for leading control effectiveness assessments for organizational applications, infrastructure, and technologies. The Senior Specialist is also required to lead quarterly systems access reviews with appropriate owners, as well as identify, classify, and document control issues in the GreenSky computing environment. The Senior Specialist will need to guide junior members during project engagements to ensure Team success.

The Senior Specialist will be responsible for conducting control compliance tests, recommending corrective actions, tracking remediation efforts, evaluating associated policies and control standard exceptions, and regularly reporting up to ERA management. 

This role also helps lead annual internal and external audits of GreenSky’s computing environments.

Duties & Responsibilities:        

• Drives the completion of Information and Information Systems Control Testing, in accordance with GreenSky ERA Department methodology and industry professional standards, to ensure effective controls are in place to meeting operational and compliance requirements.
• Effectively reports and communicates testing results to ERA management for corrective action, where required.
• Performs evidence collection and project management activities during annual Compliance program audits (NIST CSF, SOC 1, SOC 2, etc.).
• Leads the facilitation of ongoing corporate logical access reviews. Recommends access control privilege updates to ensure proper Segregation of Duties is maintained.
• Leads the performance of Information Technology General Control (ITGC) testing to ensure SOX readiness is maintained.
• Demonstrates excellent teamwork and responsibility with leading team members and driving for the success of the team.
• Contributes to the team knowledge base by participating in appropriate training and providing industry and best practice knowledge. Uses current technology/tools to enhance the effectiveness of deliverables and services.
• Performs other duties, as requested.

Organizational:  This position is a member of the Enterprise Risk Assurance (ERA) team, and reports to the Director, ERA. This team reports into the Enterprise Risk & Analytics Department to maintain independence during its day-to -day responsibilities.

• Bachelor's degree in accounting, finance, or information technology. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree.
• Robust and in-depth knowledge of information systems terminology, concepts, and practices.
• Extensive knowledge of risk management, control, and control frameworks.
• Knowledge of Financial Services business processes and regulatory requirements.
• Advanced skills in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions.
• Ability to flourish in a fast-paced, complex environment and willing to adapt to change.
• Ability to lead a team during project engagements and achieve timely results.
• Good communication skills along with good negotiation skills.

Preferred Skills:

• 4 to 5 years of relevant Enterprise Cloud Computing Information Systems experience
• Information Technology General Control (ITGC) audit experience.
• NIST CSF v2.0; SOC 1, Type 2; SOC 2, Type 2 audit experience.

GreenSky is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.