Advance your potential – and reach your goals

As a Cybersecurity Governance, Risk and Compliance (GRC) Analyst in OneMain’s Cybersecurity Risk team, you will be focused on providing effective oversight of cybersecurity and technology activities to identify, assess, and manage technology and cybersecurity risk throughout the organization.  This role will work closely with all cybersecurity teams coordinating responses to examinations and inquiries, identifying and properly managing risk treatment, and conducting self-assessments in alignment with financial industry regulations.

Members of the Cybersecurity Risk and Controls team are motivated, detail-oriented, and thrive in a collaborative environment where they will add value to key business partners. This position will require you to be adaptive, willing to drive change and innovation, and work in a fast-paced environment requiring collaboration and the ability to organize and prioritize assignments.

Responsibilities:

• Assist with the end-to-end process for regulatory compliance and examinations, including those related to NYDFS 23 NYCRR Part 500 cybersecurity regulations and other external assessments. 
• Partner with Legal and Compliance to understand any current regulatory requirements, pending requirements, and the implications for our Cybersecurity Program.
• Work with our Internal Audit team to clearly define the annual audit schedule, scope, and processes for meetings and requests.
• Work with accountable leaders and teams across Cybersecurity, Technology, and other lines of business to ensure timely and comprehensive responses are documented, evidence collected and reported as required.
• Manage the process to ensure timely and complete remediation of all findings from any exam, audit, or assessment.
• Utilize company tools to document, track and provide updates on technology and cybersecurity controls, issues and risk exceptions
• Develop KPIs and KRIs associated with our Cyber Risk Exam, Audit, and Assessment Program.
• Participate in cyber risk treatment processes, including issues management, risk acceptance and risk exception.
• Support team goals by maintaining knowledge of cybersecurity policies and standards and identifying exceptions.  
• Support innovation through process improvements and updating documentation and procedures

Qualifications:

• Bachelor’s degree or equivalent work experience
• Minimum of 4 years of experience in cybersecurity, technology audit, risk management, or GRC
• Experience working with cybersecurity requirements, controls, and standards.
• Strong working knowledge of NIST Cybersecurity Framework (CSF), AICPA (American Institute of Certified Public Accountants) Systems and Organization Controls (SOC) 2 framework, Gramm Leach Bliley Act (GLBA), Federal Trade Commission (FTC) requirements and guidelines, the New York Department of Financial Services 23 NYCRR 500 Regulation ("NYDFS"), the National Association of Insurance Commissioners (“NAIC”) Insurance Data Security Model Law, the California Consumer Protection Act ("CCPA"), Federal Deposit Insurance Corporation (“FDIC”) Information Technology and Cybersecurity laws and regulations
• Experience and ability to manage workstreams and oversee tasks within technical teams
• Strong analytical skills with the ability to think critically and question the information gathered to identify gaps and non-compliance with a requirement
• Ability to work in a fast-paced environment and great collaborator within a team
• Strong attention to detail, organization and communication

Who we Are

OneMain Financial (NYSE: OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we’ve looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future.

Driven collaborators and innovators, our team thrives on transformative digital thinking, customer-first energy and flexible work arrangements that grow lives, careers and our company. At every level, we’re committed to an inclusive culture, career development and impacting the communities where we live and work. Getting people to a better place has made us a better company for over a century. There’s never been a better time to shine with OneMain.

Because team members at their best means OneMain at our best, we provide opportunities and benefits that make their health and careers a priority. That’s why we’ve packed our comprehensive benefits package for full- and some part-timers with: 

• Health and wellbeing options including medical, prescription, dental, vision, hearing, accident, hospital indemnity, and life insurances 
• Up to 4% matching 401(k)   
• Employee Stock Purchase Plan (10% share discount)   
• Tuition reimbursement   
• Paid time off (15 days’ vacation per year, plus 2 personal days, prorated based on start date) 
• Paid sick leave as determined by state or local ordinance, prorated based on start date 
• Paid holidays (7 days per year, based on start date) 
• Paid volunteer time (3 days per year, prorated based on start date) 

 Target base salary range for Baltimore is $100K-$120K, which is based on various factors including skills and work experience. In addition to base salary, this role is eligible for a competitive compensation program that is based on individual and company performance.