Information Security Risk & Compliance Analyst at Avant

| Chicago
Sorry, this job was removed at 5:10 a.m. (CST) on Thursday, February 11, 2021
Find out who's hiring in Chicago.
See all Operations jobs in Chicago
Avant is dedicated to building premier digital banking solutions for the middle class through a combination of technology, analytics and superior customer service. Since 2012, Avant has connected over one million customers to $6.5 billion in loans and to 200,000 credit cards. A high growth financial technology company, Avant has been featured in The Wall Street Journal, The New York Times, TechCrunch, Fortune, Bloomberg, and has raised over $600 million of equity capital. Visit for more information.
The Information Security Risk and Compliance Analyst is responsible for supporting Avant’s security strategy within new and existing information security frameworks. The position requires both an understanding of compliance frameworks and is responsible for the planning and design of policies and process maintenance in addition to evaluation of internal and external partners against Avant’s control framework. 
The ideal candidate is technical and possesses at least five years of experience in security, compliance or risk management. The role oversees the business’ security requirements and obligations mandated by standards and regulations such as the Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX) and Payment Card Industry Data Security Standard (PCI DSS) among other financial industry frameworks. In tandem with security leadership, the Information Security Risk and Compliance analyst consistently assesses and validates the assurance of the security program. As a primary point of contact for internal and external auditors, the Information Security Risk and Compliance analyst monitors progress and enforces remediation of outstanding issues that may lead to non-compliance or unacceptable risks to the business. As a key member of the security team, the Information Security Risk and Compliance analyst must focus on holistic risk management and not be driven solely by compliance.

What you do at Avant:

  • Conduct enterprise-wide, ongoing risk analysis in tandem with compliance and internal audit.
  • Maintain risk register and evidence archive in the Avant GRC platform.
  • Document, formulate and enforce remediation activities that balance risk with business operations and do not diminish efficiencies or innovation in the business.
  • Partner with vendor management in oversight of third parties and business partners to safeguard against undue risk presented by external entities. Analyze assessment findings, document, recommend and report remediation plans to security leadership.
  • Act as a key participant in incident response to track occurrence and resolution, with strict documentation and reporting. Work in tandem with security engineering, internal audit and risk management leadership to perform ongoing security program assessments .Attend and fully engage in change management meetings.
  • Liaison with auditors, both internal and external, to attest and implement controls for compliance and privacy laws.
  • Perform other duties as assigned.

Why you are a fit for Avant:

  • At least 5+ years’ experience in information security as a practitioner and with at least 2 to 3+ years exposure with various security frameworks.
  • Knowledge of security technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities. Experience and understanding of various regulatory requirements and laws, including but not limited to PCI, GLBA, and NIST Security and Privacy Frameworks. Additional experience in one or more of the following is a plus: ISO 27001/2, ITIL or FFIEC, FDIC Regulatory FrameworksExceptional written and verbal communication skills, and proven ability to translate security and risk to business language.
  • Working knowledge of technologies such as cloud computing, DevOps and understanding of application security best practices is required.
  • Up-to-date understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelines. Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
  • Preferred experience with cloud environments such Amazon Web Services (AWS), Google Cloud and Microsoft Azure. Prior experience operating in a GRC system.
  • Demonstrated problem-solving capabilities, and ability to manage complex local and international security requirements.
  • Self-motivated, directed and well-organized, with the anticipation to position controls in anticipation of threats. Successful track record of managing relationships with external entities’ and mitigating risks in business development opportunities.
  • Familiarity with state, federal and international privacy laws.
  • Highly trustworthy; leads by example.
  • Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent industry experienceHold or working toward one or more of the following a plus: CISSP, CRISC, or CISA, CGRC

Why Avant is a fit for you:
At Avant, we believe our values make a difference:
We value, support, and help each other grow
We are committed to active inclusion and diversity
We are transparent and believe the best idea wins
We succeed when our customers succeed
We get sh!t done… responsibly
And we keep it fun!
We believe that ideas are more important than titles, everything is more fun together, everyone drives change, and everyone is an owner. While we believe the perks and benefits that we offer are terrific, nothing excites us more than having the ability to collaborate with intelligent, highly-motivated and talented people on challenging problems as we work to change the face of online lending.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
    • JavascriptLanguages
    • PythonLanguages
    • RubyLanguages
    • SqlLanguages
    • TypescriptLanguages
    • ReactLibraries
    • AngularJSFrameworks
    • DjangoFrameworks
    • Ruby on RailsFrameworks
    • MySQLDatabases
    • JIRAManagement


Located on Chicago's scenic riverwalk, we're surrounded by trendy restaurants, a thriving startup community, and easy access to public transportation.

An Insider's view of Avant

What’s the vibe like in the office?

The vibe is positive and encourages fun, but also strives for growth through hard work and innovation. I would also say Avant is a “come as you are” environment where people are able to bring their whole selves to work, which leads to diverse viewpoints and great ideas.


Software Engineer

How do you collaborate with other teams in the company?

Because of the nature of my role, I’m constantly collaborating and working with other teams. Program management is like being a traffic cop, at the intersections of every vertical within the business unit; I stop and start traffic, provide estimates on travel time, and route drivers down the right street if they get lost.


Customer Success Manager

What are some things you learned at the company?

The new projects we launch for our bank partners are really exciting because of all the learning opportunities they present. These projects require a substantial amount of collaboration between teams, so everyone is growing and learning from one another as we go. It's pretty awesome!


Tech Quality

What does your typical day look like?

70% of my day is working on code. 20% of my day is spent on unblocking other junior engineers or reviewing code. 10% of my day is in meetings. 100% of my day is spent having fun! =)


Software Engineer Team Lead

What are Avant Perks + Benefits

Avant Benefits Overview

We offer group Medical, Dental, and Vision coverage, generous parental leave, commuter benefits, and unlimited vacation time. We have a free gym on site at our Chicago office and other great perks like a fully-stocked kitchen with beer on tap, casual dress code, a game room, and company happy hours.

Volunteer in local community
We love being in Chicago! We'll run donation drives for local schools, pack lunches for city shelters, host events for young people interested in fintech, and whatever else comes up!
Friends outside of work
Eat lunch together
Intracompany committees
Like the Diversity & Inclusion Committee and the Fun Committee, to name a few.
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Pair programming
Open office floor plan
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Diversity manifesto
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Onsite Gym
Retirement & Stock Options Benefits
401(K) Matching
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Return-to-work program post parental leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Game Room
Stocked Kitchen
Happy Hours
Relocation Assistance
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Paid industry certifications
More Jobs at Avant22 open jobs
All Jobs
Data + Analytics
Dev + Engineer
HR + Recruiting
Project Mgmt
Project Mgmt
Data + Analytics
Data + Analytics
Data + Analytics
Data + Analytics
Data + Analytics
HR + Recruiting