[Remote] Security GRC Specialist, Audit & Assurance (R13698)

Note:The job is a remote job and is open to candidates in USA. Oportun is a mission-driven fintech that empowers members to achieve their financial goals. The Security GRC Specialist, Audit & Assurance will lead audit readiness and assurance initiatives, ensuring compliance with security and regulatory frameworks while collaborating with internal teams and external auditors. Responsibilities• Lead the planning, coordination, and execution of internal and external audits across SOC 2, PCI DSS, and partner assurance programs• Maintain Oportun’s control framework within AuditBoard, ensuring timely updates, documentation accuracy, and evidence completeness• Collaborate with control owners and cross-functional teams to prepare audit artifacts, track remediation activities, and communicate progress to leadership• Develop and refine audit procedures, evidence collection methodologies, and reporting standards using Microsoft Excel, PowerPoint, and SharePoint• Support development and maintenance of policies, standards, and procedures aligned to regulatory and industry frameworks (NIST CSF, ISO 27001, AICPA/SOC, PCI DSS)• Conduct internal readiness assessments and gap analyses to proactively identify compliance risks and improvement opportunities• Manage auditor and partner requests, providing timely and professional responses• Serve as a mentor and escalation point for junior GRC analystsSkills• Bachelor's degree in Information Systems, Cybersecurity, Business, or related field• 6–8 years of experience in IT audit, security governance, risk, and compliance, or related functions• Hands-on experience supporting or leading SOC 2 and PCI DSS audits• Proficiency with AuditBoard, Microsoft Office (Excel, Word, PowerPoint), and collaboration tools• Strong understanding of information security frameworks (NIST, ISO 27001, AICPA/SOC, PCI DSS, FTC)• Excellent written and verbal communication skills, with the ability to translate technical topics into business terms• Proven ability to manage multiple concurrent audits or assurance initiatives in a dynamic environment• Certifications such as CISA, CIA, CRISC, or CISSP• Experience coordinating SOC 1, FTC Safeguards, or SOX ITGC programs• Experience in the financial services or fintech industry• Demonstrated ability to build relationships across technical and non-technical teamsCompany Overview• Oportun is a digital banking platform that offers personal loans and financial services to people with limited credit history.It was founded in 2005, and is headquartered in San Carlos, California, USA, with a workforce of 1001-5000 employees. Its website isCompany H1B Sponsorship• Oportun has a track record of offering H1B sponsorships, with 19 in 2025, 25 in 2024, 27 in 2023, 84 in 2022, 52 in 2021, 41 in 2020. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job