Technology Risk and Compliance Analyst

The Technology Risk and Compliance Analyst position, within the Credit Karma Compliance team, is a high touch role requiring excellent communication cross-functionally in a dynamic environment!  The analyst will work directly with Security, Engineering, IT, and Operations.  An interest in Security Compliance frameworks and enthusiasm for learning are a must!

You'll be responsible for

  • Evaluating and providing analysis on periodic internal audits and security compliance reviews (e.g. ISO 27001, SOC, NIST 800-53, DoD STIGs, MSSDL, and SOX standards)
  • Performing implementation and integration for the GRC system
  • Performing special projects and metrics reporting as assigned
  • Assisting in building and maintaining state of art compliance frameworks in GRC tool
  • Assisting in the development of policies and procedures that will help Credit Karma to adopt a risk-based mentality toward all day-to-day activities
  • Assisting in the coordination of self assessments/readiness assessments across various departments. Tracks and manages the gaps identified as an outcome of the assessments to ensure appropriate resolution
  • Consulting internal stakeholders regarding Credit Karma’s Risk and Compliance controls, Engineering best practices, and Security requirements

Our ideal candidate

  • BS/MS Degree in Management Information Systems, Computer Science or a technology related field is strongly preferred
  • 2+ years experience performing test of internal controls eg. NIST 800-53, DoD STIGs, SSAE 16 (SOC), ISO27001, MSSDL and SOX standards
  • Knowledge or strong interest in infrastructure security, application security, network security, information technology and tools
  • Experience with GRC and controls baselines
  • Amazing project management and organizational skills
  • Strong technical, analytic, and communication skills (both written and verbal)
  • Extreme attention to detail and nuance, with a working familiarity with compliance practices and tools
  • Strong foundational knowledge of SDLC, technology operations, information security, and technology governance practices
  • You have or plan to obtain your CISA, CISSP, CCSP or other certifications (we'll prepare you and pay for it!)
  • A fun and positive attitude!

Meet Some of Credit Karma's Employees

Kyle G.


Kyle works behind the scenes as a revenue analyst to provide Credit Karma’s members with personalized offers that help them optimize their finances.

Jonathan C.


Jonathan works cross-functionally to develop products that help people feel in control of their credit, their options, and their futures.

Back to top