IT Risk Governance/Control Analyst - Bank

IT Risk Governance/Control Analyst - Global Bank

Direct Responsibilities

- Define, maintain and work with IT teams to oversee the implementation of policies and procedures.

- Represent IT in relevant audit meetings and assist IT groups in closing findings.

- Define, write and maintain controls

- Support remediation efforts, assessments, new standards and documentation.

- Ongoing maintenance and strengthening of controls and alignment with IT governance

- Support IT in implementing any Operational and Technology Risk and Control assessment or program or initiative. Manage the scope and the calendar, facilitate the assessments/implementation, ensure action plan follow-up.

- Coordinate the risks identification and action plan follow-up.

- Coordinate and promote the identification and recording of historical operational risk incidents.

- Provide action plans for FFIEC Cybersecurity Assessment Tool, attend and participate in Cybersecurity meetings and workshops, provide IT metrics, track IT Cybersecurity related findings and declaratives.

- Identify and report/escalation alerts on issues related to Governance, Compliance, and Operational Risk.

- Contribute to any Operational and Technology Risk and Internal Control and statement/reporting.

- Actively participate in automation efforts to enhance current reporting processes for KRI/KPI and risk and control posture.

- Work in close collaboration / liaise with Operational and Technology Risk and Audit teams (2nd and 3rd lines of Defense, and contribute to 1st LOD governance structure and operational practices.

Required Experience

- Familiarity with GRC (governance, risk, compliance) methodologies, tools and enablers in the financial services sector

- IT and financial services industry experience required

- Experience writing and managing IT policies and procedures throughout their lifecycle

- Excellent written and verbal communication skills

- Strong analytical and problem solving skills

- Strong computer skills including MSOffice (Excel, Outlook, Powerpoint, Visio) and Sharepoint preferred

- Ability to work both independently and as part of a team to deliver quality work product in a timely fashion in a fast-paced environment

- Ability to multi-task and prioritize tasks with a focus on quality, completeness and accuracy

- The ability to work well with people from many different disciplines with varying degrees of technical experience

- The ability to adapt to a dynamic, rapidly changing business and technical environment

- Ability to maintain confidentiality

- Demonstrate a basic understanding of various compliance and regulatory areas (e.g. SOX, FFIEC)

Education

Bachelor's Degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred;

- Equivalent combination of education and experience may be substituted in lieu of degree

- CISA, CRISC, CIA, CPA, CISM, CISSP or other related risk and control certification is an asset