Technology Risk and Compliance Analyst

The Technology Risk and Compliance Analyst position, within the Credit Karma Compliance team, is a high-touch role requiring excellent cross-functional communication in a dynamic environment! The analyst will work directly with Security, Engineering, IT, and Operations. An interest in Security Compliance frameworks and enthusiasm for learning are a must!

You'll be responsible for

  • Evaluating and providing analysis on periodic internal audits and security compliance reviews (e.g. ISO 27001, SOC, NIST 800-53, DoD STIGs, MSSDL, and SOX standards)
  • Performing implementation and integration for the GRC system
  • Performing special projects and metrics reporting as assigned
  • Assisting in building and maintaining state-of-the-art compliance frameworks in the GRC tool
  • Assisting in the development of policies and procedures that will help Credit Karma to adopt a risk-based mentality toward all day-to-day activities
  • Assisting in the coordination of self-assessments/readiness assessments across various departments, and tracking and managing the gaps identified as an outcome of the assessments to ensure appropriate resolution
  • Consulting internal stakeholders regarding Credit Karma’s Risk and Compliance controls, Engineering best practices, and Security requirements

Our ideal candidate

  • BS/MS degree in Management Information Systems, Computer Science or a technology-related field is strongly preferred
  • 2+ years of experience performing tests of internal controls (e.g. NIST 800-53, DoD STIGs, SSAE 16 (SOC), ISO 27001, MSSDL and SOX standards)
  • Knowledge or strong interest in infrastructure security, application security, network security, information technology and tools
  • Experience with GRC and controls baselines
  • Amazing project management and organizational skills
  • Strong technical, analytic, and communication skills (both written and verbal)
  • Extreme attention to detail and nuance, with a working familiarity with compliance practices and tools
  • Strong foundational knowledge of SDLC, technology operations, information security, and technology governance practices
  • You have or plan to obtain your CISA, CISSP, CCSP or other certifications (we'll prepare you and pay for it!)
  • A fun and positive attitude!
