IT Risk and Compliance Analyst

Overview

Hybrid
Depends on Experience
Contract - W2

Skills

IT Risk
IT Risk Management
ITAudit
Auditing
GRC
Risk Management
Risk Assessment
Data Analysis
Governance
Risk
Compliance
Information Technology
ITGC
COBIT
NIST
ISO
ITIL
security
cloud
Regulatory Compliance

Job Details

"No third-party candidates, only W2 candidates will be considered."

 

Job Details

 

Position: Senior IT Risk and Compliance Analyst

Location: Chicago IL, 2-3 days in office (TBD)

Duration: 6 months

Start Date: asap

Interview Process/Times: One and Done (process last time around)

 

 

Notes:

  • Trying to shift how they operate in the IT Risk and Compliance department, they are missing the Risk part of their team,
  • Looking for people who have a risk background and make this a first line of defense risk function.
  • Looking for a team self starter and motivated
  • Focused on building out Risk function
  • Must haves:
    • IT Risk or IT Audit
    • Risk focused background
    • Testing controls, particularly tech controls
    • Risk assessments
  • Tools:
    • Risk Connect for GRC, not a must have. Will consider other similar tools
    • Data analysis skills is a plus
  • Certifications:
    • Not required, but would be a nice to have to demonstrate knowledge and background

 

Job Description:

The Senior IT Risk and Compliance Analyst will aid in supporting the Information Technology department s adherence to the Bank s Governance, Risk & Compliance (GRC) framework, Enterprise Risk Management framework, and Sarbanes-Oxley (Sox) compliance. Responsibilities will include but are not limited to:

  • Collaborating with IT personnel to understand and document operational processes to identify process improvement opportunities and unmanaged risk.

  • Identifying technology risk and aiding with developing the applicable control objectives and creating appropriate test steps to validate risk mitigation.
  • Performing testing of all technology controls and ensuring alignment of controls with industry frameworks.
  • Developing and maintaining process and control documentation, including but not limited to narratives and flowcharts for IT processes.
  • Assist with the implementation and execution of processes within the IT Risk & Compliance group that supports the proactive evaluation, identification and monitoring of IT risks and controls.
  • Assist with implementing continuous monitoring of IT controls and working with data for efficient control testing.
  • Assist with maintaining the IT policy and procedure library including executing a process to ensure documents, standards and other related materials remain current.
  • Perform various reviews, as necessary to validate compliance with IT policies, regulatory requirements, and other internal frameworks.

 

QUALIFICATIONS AND EDUCATION REQUIREMENTS

  • Bachelor s degree

  • Minimum 4 years of IT audit or risk management experience.
  • Industry certification in Information Technology or Risk Management.
  • Demonstrated capability to perform walkthroughs, risk assessments, and ITtesting.
  • Knowledge of Internal Control frameworks (COSO) and Information Technology frameworks (COBIT, NIST, ISO, and ITIL.)

 

PREFERRED SKILLS

  • Data analysis and automation skills.

  • Experience in assessing and testing security and cloud controls.
  • Ability to demonstrate creativity and innovation to provide fresh ideas and approaches to process improvements and control testing.
  • Ability to manage ambiguity and changing priorities.
  • Effective communication skills and ability to influence.
 
 
 
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.