IT Compliance Analyst Lead

Overview

Why GMF Technology?

GM Financial is set to change the auto finance industry and is leading the path of embarking on tech modernization - we have a startup mindset, and preserve our small company culture, in a public company environment with financial stability and intense growth over a decade-plus history. We are data junkies and trust in data and insights to advance our business objectives. We take our goal of zero emission, zero collision, zero congestion, and zero friction very seriously. We believe as an auto finance market leader we are in the driver's seat to lead us in the GM EV mission to change the world. We are building global platforms, in LATAM, Europe, China, U.S. and Canada- and we are looking to grow our high-performing team. GMF is comprised of over 10,000 team members globally. Join our fintech culture within a Blue-Chip company where we are changing the way we use technology to support our customers, dealers and business.

• Develop compliance, control, risk management, and governance frameworks
• Design compliance, testing, continuous monitoring, self-assessment and validation methodologies
• Perform compliance and risk reviews and document results to allow external reliance
• Understand patterns across risks and issues, ensure understanding by technology leaders and recommend systemic paths to resolution
• Develop, enhance and perform reviews to ensure that major technology initiatives have appropriate controls and risk mitigate activities
• Understand and document the domain technology and process landscape to identify risk levels
• Facilitate identification and resolution of policy and standards gaps and advise leadership on roadmaps for achieving compliance
• Influence technology owners to action through expertise, credibility and escalation
• Assess GRC knowledge gaps, create role-based training and facilitate large-scale training events
• Own a GRC practice (eg policy, regulatory, issue management, work practices, etc) on behalf of the team
• Manage multiple initiatives to successful implementation
• Perform other duties as assigned
• Conform with all company policies and procedures

• Strong working knowledge of Sarbanes-Oxley (SOX) and other applicable government regulations
• Strong knowledge of project management methodologies, application development lifecycle, and organizational change management
• Advanced knowledge of information technology systems, infrastructure and operations
• Advanced working knowledge of information systems and operations systems and databases
• Advanced knowledge of business processes for supported business groups
• Advanced knowledge of information technology systems, infrastructure and operations
• Working knowledge of Azure, UNIX, Linux, Oracle, iSeries, Cisco, Windows and general IT best practices
• Working knowledge of security and control management best practices such as COBIT, COSO, ITIL, and ISO

• Strong in the use of Microsoft Office software including strong ability to analyze data using Excel for reporting and data mining purposes
• Ability to meet expected delivery dates and the tasks necessary to achieve objectives
• Ability to interact with staff at all levels
• Excellent writing and speaking skills
• Strong people skills
• Advance experience with data visualization concepts and tools
• Proven ability to deliver mission critical software development projects
• Ability to effectively lead, organize, and supervise as needed

• Bachelor's Degree in related field or equivalent experience required
• Master's Degree preferred
• 7-10 years combined experience in Information Technology, Audit and Compliance disciplines required

• CIA, CISA, CPA, CISSP, or CRISC Upon Hire
• Professional certifications such as ITIL or PMI