Compliance and IT Risk Management Senior Specialist

Title: Compliance and IT Risk Management Senior Specialist

Location: Dearborn, MI (onsite 4 days a week)

Duration: Ongoing Long Term

Job Description:

• The IT Compliance and Information Security Analyst provides oversight of IT compliance and regulatory requirements, IT Security and controls, supports the application teams.
• This role will ensure applications/digital infrastructure remains secure, resilient, and compliant with regulatory standards, play a key role in Second Line of Defense, supporting IT assessments, and remediate gaps.
• This position provides support for internal and external audit activities while working closely with business partners to identify, assess, and manage IT related risks.
• Our Company Technology is on an exciting transformation journey, and you will have a great opportunity to help us transform the Security area as well as Compliance and Regulatory requirements

Major Responsibilities Include:

• Partner with Credit Application Teams to Implement and manage IT Controls
• Provide Security & Control consulting to Application teams
• Internal Audit and Third-Party Audit Support
• Support Credit Internal Controls with IT related controls and deficiencies
• Management of Comments identified by the Audit and application teams (development, implementation, and sustainability of Control Improvement Plans)
• Conduct reviews of identified IT related audit Comments
• Support Application teams with Detailed Risk Assessments and Threat Modeling
• Support Vendor Management and Business Owners with due diligence for supplier onboarding
• Support Credit Privacy and Compliance Attorneys with IT related regulatory requirements
• Monitor Google Cloud Platform-Security Command Center to maintain visibility into the cloud compliance posture
• Support Third Party consulting engagements
• Maintain accurate JIRA User Stories and Backlog
• Ensure the organization meets specific financial industry standards

Experience Required:

• Senior Specialist Exp: 7+ experience in relevant field.

Experience Preferred:

• Finance/Bank

Additional Information:

Essential skills:

• Strong knowledge of company and Industry standard IT Controls and best security practices
• Solid understanding of corporate policies (Information Security Policy, Finance Manual, Corporate Directives, etc.)
• Understand risk and implement mitigating controls
• Knowledge of risk management principles, including risk assessment, mitigation, and reporting.
• Strong leadership skills and results oriented
• Continuous controls process improvement mentality
• Integrity - ability to "stand ground" for correct action and do the right thing
• Demonstrated ability to take ownership and accountability of all work and responsibilities
• Strong interpersonal and communication skills (written and verbal), with the ability to collaborate effectively
• Drafting and updating security procedures based on evolving threats and trends
• Excellent interpersonal, collaborative and team building skills
• Capable and comfortable working autonomously

Desired experience:

• 5+ years of progressive experience in information security, IT risk, Compliance, Audit within a financial services or regulated environment.
• 2+ years of an IT Auditor experience
• Preferred candidate will have a proven track record in IT security and controls, demonstrated strong controls mindset
• Experience within the Financial Services sector is highly desirable to navigate the complex regulatory requirements
• Understanding of Large Language Models (LLMs) and identify opportunities to integrate AI into the compliance lifecycle.
• Industry Certifications a plus (e.g., CISA, CRISC, CISM, CISSP)

Required Qualifications:

• Bachelor s degree in Information Security, Computer Science, Information Systems, Finance, or a related field.