Sr. GRC Analyst- 190529

Pleasanton, CA
Technology & Operations – Information Security and IRM
Full time
Ellie Mae is the leading cloud-based platform provider for the mortgage finance industry. Ellie Mae’s technology solutions enable lenders to originate more loans, reduce origination costs, and reduce the time to close, all while ensuring the highest levels of compliance, quality and efficiency. Visit ‪ to learn more.

Ellie Mae’s Governance, Risk and Compliance (GRC) Team is seeking a Sr. GRC Manager who possesses good analysis, collaboration, communications skills and the ability apply knowledge of information systems auditing and controls.  This role will be responsible for conducting technology risk assessments and audits in a “second line of defense” capacity.  

What you will do:

    • Perform and automate monitoring of technology controls; create and maintain documentation of test scripts, test results, issues/control gaps, corrective actions, and status focusing on specialized GRC tools and frameworks. 
    • Conduct risk assessments using industry standard frameworks.  The frameworks include; NIST Cybersecurity, GLBA and FFIEC Financial Services Guidelines for FinTech Companies.   
    • Support SOC and PCI-DSS audits and reporting activities.
    • Support collaborative working relationships with members of other functional teams within Ellie Mae.   

Required skills:

    • Capable of working with minimal supervision in teams and committing to deadlines for the multiple SOC audits and pre-assessments.
    • Knowledge and experience auditing technology controls, including logical access, change management, security, data protection, incident/problem management, project management, software development lifecycle, technology operations.
    • Knowledge and experience using industry standards and frameworks for implementing the selected GRC tool for the company. 
    • Delivery focused, willingness to perform and manage all tasks required to complete the job and meet deadlines, including administrative and documentation-oriented tasks.
    • Ability to work in a fast-paced environment and handle ambiguity, while meeting objectives and deadlines.
    • Attention to detail and thoroughness, with a focus on the completeness, accuracy, integrity, security, and confidentiality of the information handled and activities performed.
    • BA/BS degree in MIS, Computer Science (or equivalent) with 7 to 10 years of relevant experience.

Preferred skills

    • Prior audit experience in SOC, External or Internal Audit.
    • Knowledge of agile and secure software development lifecycle processes and collaboration tools (e.g., JIRA, Confluence).
    • Knowledge of ServiceNow, Workday and is a plus.
    • Knowledge and experience using Unified Control Frameworks (NIST Cybersecurity Framework, PCI, Cloud Security Alliance).
    • Proficient in Office Applications (MS Word, MS Excel, MS Access, MS Project, Sharepoint).
    • Knowledge of industry GRC tools.
    • Prior Financial Institutions experience is nice to have.

Ellie Mae is an equal opportunity and affirmative action employer. Women, minorities, people with disabilities, and veterans are encouraged to apply.

We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.