Director of Technology Risk and Compliance

New York, NY
Mar 13, 2017
Jobs Outside Higher Education
Businesses & Consultants
Institution Type
Outside Academe

Job Description

Director of Technology Risk and Compliance

at OnDeck (View all jobs)

New York, NY

What excites us at OnDeck? Technology. Innovation. Small businesses. We believe in our employees and power their growth through being challenged every day and offering careers that inspire. We're all about teamwork, passion and making an impact. Oh and having fun - Whether it's a game of Ping-Pong, team get-togethers or weekly happy hours in the office.

OnDeck (ONDK) uses data aggregation and electronic payment technology to evaluate the financial health of small and medium sized businesses to efficiently deliver capital to a market underserved by banks. Through the OnDeck platform, millions of small businesses can obtain affordable loans. We are changing the way small businesses borrow money by combining our passion for Main Street with cutting-edge technology. We evaluate businesses based on their actual performance, not personal credit, and that's enabled us to say "yes" more often and faster than traditional lenders.

Department overview:.

All of OnDeck runs on Big Data - but the Risk team works with the biggest data of all. Join our team of crack data scientists as we work to understand small business better than any other lender. Use innovative, quantitative analysis to drive OnDeck's strategic and tactical business decisions. And build sophisticated models using all of OnDeck's industry-dominating proprietary data to help us learn, grow, and win.

The ideal candidate for this position will be a dynamic, creative, results-driven leader with experience leading successful risk & control projects in financial services.

The role also requires strong project management and problem solving skills, ability to foster positive working relationships and challenge ensure the most effective solution for our business.

In this role you will:
  • Establish and communicate a holistic risk profile to senior leadership, pulling in relevant risk themes, metrics and other risk measures; support appropriate prioritization of follow up actions and monitor they are completed as planned
  • Partner with technology teams to help them identify, understand and manage technology control risk through control education, review of metrics, and completion of self assessments
  • Measure vendor risk by building a vendor risk management program.
  • Coordinate all technology regulatory, audit and controls activity to minimize the impact on technology leadership
  • Drive closure of technology issues and actions resulting from internal audit, regulatory reviews and external audits; work with action owners to gather and evaluate appropriateness of evidence
  • Lead global control assessments with technology teams to support continuous control monitoring; document potential control gaps and questions, and conduct follow-up throughout the year
  • Coordinate the service audit (SSAE 16, SOC1, SOC2 and related) and SOX 404 testing for technology, helping to define system scope and enforce an integrated audit approach
  • Develop a policy framework covering information technology and security topics that is both in line with the current operating environment, leverages external frameworks such as ISO 27001, but comprehensive enough to achieve the expectations of our clients
  • Define a simple set of technology key risk indicators and metrics to help identify when behavior is outside of appetite and requires management attention; provide reports to management with trending and analysis

Qualifications for success:
  • 7-10 years of experience working in a Technology Risk, Audit or related field (Asset Management industry experience preferred)
  • 2-4 years of recent experience with standard control frameworks and building core elements of a TRM program based on ISO 27005
  • Experience in a technology operations or development role preferred
  • Proven ability to manage issues through to resolution
  • Big 4 Accounting firm experience preferred
  • Understanding of Privacy and Information Security regulations
  • Strong project management, analytical and organizational skills
  • Strong interpersonal skills and ability to communicate effectively
  • Strong skills in Microsoft Excel, Powerpoint, and Word
  • Ability to successfully multitask and complete difficult assignments within deadlines which may have short lead times
  • Ability to develop and maintain effective working relationships

What we offer you:
  • Have a meaningful impact on the company's future, and share in the rewards accordingly
  • Work in a fun, fast-paced start up environment with some really cool and brilliant people
  • Be on a motivated team that gets a lot done
  • An open minded, collaborative culture of enthusiastic technologists.
  • Medical/dental/vision insurance, 401k matching program, flex spending plan and life insurance.
  • Smart colleagues who you can learn from.
  • Paid/flexible vacations and holidays.
  • If you're sick just stay home and feel better.
  • Summer & Holiday events with the entire office!
  • Happy hour every Wednesday.
  • Fully stocked kitchen with snacks and drinks.


Apply for this Job

* Required

First Name *

Last Name *

Email *


Resume/CV *

Attach Dropbox Google Drive Paste

Cover Letter

Attach Dropbox Google Drive Paste

LinkedIn Profile - if you do not have a LinkedIn profile, please write N/A *


How did you hear about this job?

How did you get into risk, compliance, and security? *

U.S. Equal Opportunity Employment Information (Completion is voluntary)

Individuals seeking employment at OnDeck are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Gender- Select -Male Female Decline To Self Identify

Are you Hispanic/Latino?- Select -YesNoDecline To Self Identify

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An ctive duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An rmed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status- Select -I am not a protected veteran I identify as one or more of the classifications of a protected veteran I don't wish to answer

Form CC-305

OMB Control Number 1250-0005

Expires 1/31/2017

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

Because we do business with the government, we must reach out to, hire, and provide equal opportunity to qualified people with disabilities1. To help us measure how well we are doing, we are asking you to tell us if you have a disability or if you ever had a disability. Completing this form is voluntary, but we hope that you will choose to fill it out. If you are applying for a job, any answer you give will be kept private and will not be used against you in any way.

If you already work for us, your answer will not be used against you in any way. Because a person may become disabled at any time, we are required to ask all of our employees to update their information every five years. You may voluntarily self-identify as having a disability on this form without fear of any punishment because you did not identify as having a disability earlier.

How do I know if I have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:
  • Blindness
  • Deafness
  • Cancer
  • Diabetes
  • Epilepsy
  • Autism
  • Cerebral palsy
  • Schizophrenia
  • Muscular dystrophy
  • Bipolar disorder
  • Major depression
  • Multiple sclerosis (MS)
  • Missing limbs or partially missing limbs
  • Post-traumatic stress disorder (PTSD)
  • Obsessive compulsive disorder
  • Impairments requiring the use of a wheelchair
  • Intellectual disability (previously called mental retardation)

Disability Status- Select -Yes, I have a disability (or previously had a disability) No, I don't have a disability I don't wish to answer

Reasonable Accommodation Notice

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

New York, NY


Sun, 12 Mar 2017 09:29:38 PDT