IT Compliance Analyst Lead

Why GMF Technology?

GM Financial is set to change the auto finance industry and is leading the path of embarking on tech modernization – we have a startup mindset, and preserve our small company culture, in a public company environment with financial stability and intense growth over a decade-plus history. We are data junkies and trust in data and insights to advance our business objectives. We take our goal of zero emission, zero collision, zero congestion, and zero friction very seriously. We believe as an auto finance market leader we are in the driver's seat to lead us in the GM EV mission to change the world. We are building global platforms, in LATAM, Europe, China, U.S. and Canada– and we are looking to grow our high-performing team. GMF is comprised of over 10,000 team members globally. Join our fintech culture within a Blue-Chip company where we are changing the way we use technology to support our customers, dealers and business.

Flexible hybrid work environment (onsite 2 days a week/3 days remote) at our Arlington (AOC1), TX office.

About this role

The Technology Governance, Risk and Compliance (GRC) Lead is responsible for leading the Governance, Risk and Compliance efforts within one of three domains, developing critical frameworks, creating effective and efficient testing and assessment methodology, and performing innovative analysis and complex reviews to identify and remediate risk and ensure well-functioning controls. As a practice owner, the Technology GRC Lead will have the responsibility for setting practices standards, managing key partner relationships and will be the functional subject matter expert in that area.

JOB DUTIES

• Develop compliance, control, risk management, and governance frameworks
• Design compliance, testing, continuous monitoring, self-assessment and validation methodologies
• Perform compliance and risk reviews and document results to allow external reliance
• Understand patterns across risks and issues, ensure understanding by technology leaders and recommend systemic paths to resolution
• Develop, enhance and perform reviews to ensure that major technology initiatives have appropriate controls and risk mitigate activities
• Understand and document the domain technology and process landscape to identify risk levels
• Facilitate identification and resolution of policy and standards gaps and advise leadership on roadmaps for achieving compliance
• Influence technology owners to action through expertise, credibility and escalation
• Assess GRC knowledge gaps, create role-based training and facilitate large-scale training events
• Own a GRC practice (eg policy, regulatory, issue management, work practices, etc) on behalf of the team
• Manage multiple initiatives to successful implementation
• Perform other duties as assigned
• Conform with all company policies and procedures

What makes you a dream candidate?

Knowledge

• Strong working knowledge of Sarbanes-Oxley (SOX) and other applicable government regulations
• Strong knowledge of project management methodologies, application development lifecycle, and organizational change management
• Advanced knowledge of information technology systems, infrastructure and operations
• Advanced working knowledge of information systems and operations systems and databases
• Advanced knowledge of business processes for supported business groups
• Advanced knowledge of information technology systems, infrastructure and operations
• Working knowledge of Azure, UNIX, Linux, Oracle, iSeries, Cisco, Windows and general IT best practices
• Working knowledge of security and control management best practices such as COBIT, COSO, ITIL, and ISO

Skills

• Strong in the use of Microsoft Office software including strong ability to analyze data using Excel for reporting and data mining purposes
• Ability to meet expected delivery dates and the tasks necessary to achieve objectives
• Ability to interact with staff at all levels
• Excellent writing and speaking skills
• Strong people skills
• Advance experience with data visualization concepts and tools
• Proven ability to deliver mission critical software development projects
• Ability to effectively lead, organize, and supervise as needed

Education and Experience

• Bachelor’s Degree in related field or equivalent experience required
• Master’s Degree preferred
• 7-10 years combined experience in Information Technology, Audit and Compliance disciplines required

Licenses

• CIA, CISA, CPA, CISSP, or CRISC Upon Hire
• Professional certifications such as ITIL or PMI

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture — an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.

Compensation: Competitive pay and bonus eligibility

Work Life Balance: Flexible hybrid work environment, 2-days a week in office

#LI-SG1

#LI-Hybrid