Senior Director, 1LOD Business Controls Program Management

The Role:

Business Controls Senior Director supporting a newly formed function to drive effective program management and innovative testing which is positioned in the first line of defense (1LOD) and reporting to the Head of Business Controls.  This experienced, senior leader will act as the Business Controls Lead for driving consistent execution, delivery, innovation, and quality for core 1LOD risk management programs such as RCSA, control testing, issues management, new product risk assessments, GRC tool enablement, and reporting.

Responsible for establishing a quality assurance program focused on consistent execution of RCSA, Issues Management, and Testing in alignment with 2LOD defined Policies and Standards.  Additionally, the leader will drive automation of control testing and monitoring bringing to life AI support tools and technologies.  Finally, the role will enable improved integration of GRC capabilities by driving consistent process and business hierarchies, delivering business driven insights through reporting, and facilitating the effectiveness of SoFi’s new product risk assessment program.

What You’ll Do: 

• Partner and collaborate across your covered departments: the second line of defense Compliance and Risk Management teams; Audit; and Regulators to support a diverse portfolio of risk and compliance-based initiatives to effectively manage and mitigate risk.
• Lead and drive the efficiency and comprehensive coverage of control testing activities in the 1LOD.
• Drive strategic alignment with stakeholders and partners on testing activities and framework alignment with industry best practices.
• Facilitate and advise on performing new product and service risk assessments including driving the effective governance of any pre and post launch monitoring.
• Establish an internal control quality assurance framework and plan that evaluates adherence to 2LOD Policies and Standards for issues management, RCSA, and control testing.
• Maintain a comprehensive understanding of existing and emerging regulatory requirements, operational processes, inherent risks, and internal policies & practices to provide advice to stakeholders.
• Engage in large and complex initiatives and programs to identify and assess risks and controls, develop strategies to remediate gaps identified, and implement processes to effectively manage and mitigate risk
• Enable a process to ensure quality data is being submitted and maintained with the SoFi GRC repository.
• Assist stakeholders with the development and maintenance of all critical hierarchies within the GRC to include processes, products, organizational functions, and risk/compliance taxonomies.
• Develop, implement, and maintain a change management program that creates structure on any changes within risk management related expectations for the 1LOD.
• As a key leader in the Business Controls team, strongly contribute to the design, development, and implementation of 1LOD risk management programs; share best practices to ensure all parts of the 1LOD are executing efficiently and effectively 
• Utilize strong 1LOD governance practices; participate in key Committees as needed
• Follows written second line of defense (2LOD)  risk and compliance policies for business activities; assists 1LOD in translating into execution
• Utilize effective 1LOD risk reporting and trend analysis; advise functional unit leaders on the status of their control environment related to risk identification and control weaknesses. Identifies critical areas to monitor and escalates issues and findings to appropriate stakeholders.
• Assists with translating control deficiencies into action plans and provides recommendations to enhance governance practices in alignment with risk and compliance frameworks.
• Anticipates business needs and proactively identifies opportunities to improve and strengthen the control environment through actionable insights.

What You’ll Need:

• A Bachelor's Degree or 4 years of relevant experience in lieu of a degree
• 12+ years of leadership experience supporting risk and/or compliance-related activities in financial services operating environment or other relevant industry
• Demonstrated experience with driving automated control testing techniques and methods of efficient control monitoring
• Experience leveraging AI and other tools/technologies to facilitate control testing and monitoring
• Subject matter expertise in implementing and utilizing a GRC tool for business insights
• Experience with managing large scale and complex projects
• Subject matter expertise in operational risk and controls; working knowledge of relevant regulations and standard industry processes
• Experience executing RCSA framework, control testing and issues management
• Experience with assessing risk associated with implementing new products and services
• Excellent verbal and written executive communication skills
• Influencing skills and ability to effectively partner with all levels of management to help drive the control agenda
• Experience interacting with regulators (e.g., Federal Reserve, OCC, or CFPB)
• Experience with risk data, reporting and analysis.
• Ability to analyze, organize and prioritize across multiple competing priorities
• Demonstrates initiative, ownership and accountability
• Nice to have includes advanced degree; relevant industry certifications, for example, CPA, CCRM, CIA, CISA