Specialist, Risk Assurance

Calling all innovators – find your future at Fiserv.

We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

Specialist, Risk Assurance

What does a successful Risk and Compliance Specialist do at Fiserv:?

Fiserv is seeking a skilled risk and compliance Specialist to join its Enterprise Risk and Controls team. This dynamic role spans multiple responsibilities, including Third Party Risk Assessments for vendors and support for PCI and SOC audits as part of the organization's Third-Party Audit initiatives. The position is ideal for professionals who are adaptable and eager to contribute across various risk programs within the department.

The role primarily centers on contributing to the Third Party Risk Management (TPRM) function. It involves gaining a comprehensive understanding of security policies, standards, and related processes within the scope of the TPRM program. Leveraging strong assessment capabilities, you will ensure that vendor-related risks are effectively identified, evaluated, mitigated, and continuously monitored to uphold the highest standards of security and compliance.

• What you will do:
• Developing detailed understanding of security policies, standards, and associated processes as it pertains to third party risk management program.
• 5-8 years of experience in the domains such as risk and compliance, information security
• Driving collaboration between cross-functional stakeholders and facilitating strong partnership with Fiserv Business Units
• Capability of contributing to TRPM Risk transformation projects in alignment with organization strategy.
• Responsible for independently conducting third-party risk assessment in line with security standards, practices encompassing people, process and technology controls
• Proficient in reviewing documentation including but not limited to security policies, processes, SOPs, third party audit/assurance reports including SOC 2, PCI AOC/ROC/ROV/SAQ, ISAE, ISMS, penetration testing, vulnerability scanning reports to identify gaps/exceptions
• Responsible for monitoring, tracking risks through closure by collaborating with multiple constituents including internal and external stakeholders; ensuring auditable results are maintained throughout the engagement.
• Ensure accurate and timely review; responsible for well-written observations, and walking stakeholders through the process lifecycle as needed
• Lead and participate in regional and global TPRM governance forums and liaise with business stakeholders. Document and maintain the relevant documentation.
• Establish trust and credibility with key partners; develop and foster constructive professional relationships with multiple stakeholders including but not limited to executive and line management, risk officers, risk contacts and third-party contacts
• Work on vendor events, liaison with business stakeholders and follow-up with vendors
• Mentor and train Junior team members on Vendor Risk Assessment program.

What you will need to have:

• Bachelor's Or Master's degree from an accredited university is preferred, equivalent work experience will be considered.
• 5- 8 years of experience in IT Risk and Compliance Management or Information Security domain
• Good interpersonal, written/verbal communication, and organizational skills
• Ability to handle internal and external discussions/interactions issues in a professional, assertive, and proactive manner
• Ability to work effectively within a matrixed organization
• Strong organizational and time management skills with Global stakeholder management
• Strong MS office skills (Microsoft Excel, Word, PowerPoint, and SharePoint)
• Exposure to GRC ( Governance, Risk and Compliance tools)

What would be great to have:

• Financial services experience, including working in highly regulated environments

• Knowledge of IT audit, ISO 27001, ITIL, Vendor Risk Management process

• Ability to interact across all levels of management
• Attention to detail with a commitment to high-quality standards
• A successful track record for delivering results in a timely manner
• Industry Certifications: CISA, CRISC, CTPRA, ISO 27001 LA/LI or equivalent etc.)

Thank you for considering employment with Fiserv. Please:

• Apply using your legal name
• Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

Our commitment to Diversity and Inclusion:

Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.

Note to agencies:

Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.