AVP IT Governance, Risk and Compliance

Why GM Financial Technology?

GM Financial is set to change the auto finance industry and is leading the path of embarking on tech modernization – we have a startup mindset, and preserve our small company culture, in a public company environment with financial stability and intense growth over a decade-plus history.

We are data junkies and trust in data and insights to advance our business objectives. We take our goal of zero emission, zero collision, zero congestion, and zero friction very seriously. We believe as an auto finance market leader we are in the driver's seat to lead us in the GM EV mission to change the world.

We are building global platforms, in LATAM, Europe, China, U.S. and Canada – and we are looking to grow our high-performing team. GMF is comprised of over 10,000 team members globally. Join our fintech culture within a Blue-Chip company where we are changing the way we use technology to support our customers, dealers, and business.

About the Role:

The AVP - IT Governance, Risk and Compliance (GRC) provides management and direction to global business operations domain team and strategic leadership to the Information Technology team and executive stakeholders. The team is responsible for developing, managing, and implementing control frameworks and testing, risk management methodologies, and governance practices including policies, training and executive communication. The AVP – IT Governance, Risk and Compliance will partner with IT GRC leadership to deliver their shared mission to promote a risk-informed innovation culture to drive a compliance & resilient technology environment by providing high-value services to leadership and their teams. The AVP – IT GRC will lead an empowered and engaged team of control savvy-technologists and contribute to a high-trust, high-performance culture. As a trusted expert and influential communicator, the AVP will interact and advise management and colleagues throughout the organization and interact effectively with external auditors and state examiners.

In this role, you will:

• Understand, communicate, and commit to the organization's vision, goals, and strategies; align department priorities and direction.
• Review, approve, and resolve gaps in foundational frameworks for compliance, controls, risk, and governance.
• Ensure team understanding of and delivery against regulatory requirements, established methodologies, work standards and practices.
• Understand the overall landscape and identify and escalate cross-functional issues and trending metrics to address risk and compliance issues holistically.
• Create strategic connection between emerging risk and issue management and champion leadership engagement to proactively reduce impact.
• Work with peers to develop an enterprise view of knowledge gaps and own the role-based training program to address.
• Manage the internal practice portfolio by assessing the health, showcasing the approach to leader peers, and recommending changes to achieve consistent best practices in GRC work.
• Influence senior technology leadership and partners through compelling communication of strategy, metrics, and results.
• Perform other duties as assigned.
• Conform with all company policies and procedures.

What makes you a dream candidate?

• Advanced knowledge of business processes for supported business groups.
• Knowledge of security methodologies, policies, standards and best practices.
• Knowledgeable of best practices in information technology governance and regulatory landscape for financial institutions, including Sarbanes-Oxley.
• Knowledge of financial services core business functions, policies and procedures.
• Working knowledge of the consumer loan business.
• Working knowledge of all system application.
• Working knowledge of the corporate business solution environment.
• Significant experience in a large and complex business environment.
• Knowledge of security frameworks (e.g., ISO 27000, NIST, FFIEC, COBIT etc.).
• Knowledge of information technology systems, infrastructure and operations.
• Working knowledge of information systems and operations systems for supported business groups.
• Strong leadership skills including empowered delegation, coaching, and performance management.
• Demonstrated ability to understand emerging technology and to apply learning effectively to control and risk scenarios.
• A curious mindset that is comfortable exploring the "five-whys" to understand and resolve matters at the root cause.

Experience:

• Bachelor's Degree in a related field or equivalent work experience required; Masters degree preferred.
• 5-7 years in IT compliance or IT risk management required.
• 5-7 years of supervisory and/or leadership experience required.
• 5-7 years of experience in dealing with multiple business units and diverse employee population preferred.
• CISA, CIA or Related certification (active or inactive) preferred.
• Excellent writing, speaking, listening, presenting and facilitating skills including the ability to simplify complex topics for a diverse audience.
• Experience with process and data visualization concepts and tools.

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture : Our team members define and shape our culture. We have an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.

Compensation: Competitive salary and bonus eligibility; this role is eligible for company vehicle program.

Work Life Balance: Flexible hybrid work environment, 3-days a week in office.