IT Compliance Analyst Lead

Why GMF Technology?

Innovation isn’t just a talking point at GM Financial, it’s how we operate. From generative AI and cloud-native technologies to peer-led learning and hackathons, our tech teams are building real solutions that make a difference. We’re committed to AI-powered transformation, using advanced machine learning and automation to help us reimagine customer interactions and modernize operations, positioning GM Financial as a leader in digital innovation within a dynamic industry.

Join us and discover a workplace where your ideas matter, your development is prioritized, and you can truly make a global impact.

Please note: this is a hybrid position requiring 2 days onsite in Arlington, TX or Detroit, MI. Role not approved for sponsorship at this time.

About the Role:

The Technology Governance, Risk and Compliance (GRC) Lead is responsible for leading the Governance, Risk and Compliance efforts within one of three domains, developing critical frameworks, creating effective and efficient testing and assessment methodology, and performing innovative analysis and complex reviews to identify and remediate risk and ensure well-functioning controls. As a practice owner, the Technology GRC Lead will have the responsibility for setting practices standards, managing key partner relationships and will be the functional subject matter expert in that area.

• Develop compliance, control, risk management, and governance frameworks 
• Design compliance, testing, continuous monitoring, self-assessment and validation methodologies 
• Perform compliance and risk reviews and document results to allow external reliance 
• Understand patterns across risks and issues, ensure understanding by technology leaders and recommend systemic paths to resolution 
• Develop, enhance and perform reviews to ensure that major technology initiatives have appropriate controls and risk mitigate activities 
• Understand and document the domain technology and process landscape to identify risk levels 
• Facilitate identification and resolution of policy and standards gaps and advise leadership on roadmaps for achieving compliance 
• Influence technology owners to action through expertise, credibility and escalation 
• Assess GRC knowledge gaps, create role-based training and facilitate large-scale training events 
• Own a GRC practice (e.g. policy, regulatory, issue management, work practices, etc.) on behalf of the team 
• Manage multiple initiatives to successful implementation