Development Administration Analyst - Officer

About The Position

Requirements

• 2+ years of IT experience
• Minimum of 3+ years in a relevant Application Development, Production Support, or DevOps role.
• Demonstrable experience navigating large, complex enterprise environments with formal risk and control processes.
• Excellent communication skills and a proven ability to liaise with a large number of diverse stakeholders, from technical developers to senior managers.
• Strong understanding of the full Software Development Lifecycle (SDLC) process, modern DevOps/DevSecOps principles, and system architecture.
• Exceptional ability to plan, organize, and manage a demanding workload, with the capacity to adjust quickly to changing priorities.
• Jira or equivalent agile tracking tool.
• Microsoft Excel (Intermediate to Expert) for data analysis and reporting.
• Bachelor's degree/University degree or equivalent experience.

Nice To Haves

• Experience supporting the management of vendor-supplied applications, including coordinating with third-party support and internal risk assessment teams, is highly desirable.
• Experience in the Capital Markets or a similar regulated financial domain is a significant advantage.
• Experience with Project Management tools.
• Foundational knowledge of ITIL concepts.
• Familiarity with DevSecOps toolchains (e.g., Blackduck, Snyk, Checkmarx).
• Experience with IT Service Management platforms (e.g., ServiceNow) and low-code automation tools.

Responsibilities

• Act as a delegate for Application Managers to navigate key institutional processes for a portfolio of applications.
• Coordinate, prepare, and track requests within internal governance and IT Service Management (ITSM) platforms for critical lifecycle events, including new application onboarding, inter-departmental application transfers, and infrastructure capacity requests.
• Manage application metadata and ensure its accuracy within the central Application Portfolio Management (APM) system, reflecting the correct risk posture, data classification, and ownership.
• Proactively manage the administrative execution of the firm's risk and control framework, ensuring adherence to performance metrics and timely task completion.
• Serve as a liaison between development teams, Application Managers, and control groups (e.g., Information Security, Enterprise Architecture).
• Facilitate and track submissions for technology risk and control assessments and requests for using non-standard or restricted technologies.
• Ensure all necessary architecture sign-offs (e.g., for cloud environment onboarding) are completed on schedule by coordinating with the relevant stakeholders.
• Act as a primary administrative point of contact between internal technical teams and external software vendors.
• Coordinate the third-party risk assessment process for new and existing vendors, working alongside Information Security, Procurement, and Legal teams.
• Facilitate technical support sessions with vendors to troubleshoot application issues, and coordinate the deployment of vendor-supplied patches, upgrades and compliance.
• Maintain clear and accessible documentation for vendor contracts, support procedures, and key contacts.
• Collaborate with Information Security Officers and development teams to document and track compliance with key security requirements.
• Support the coordination of Application Vulnerability Assessments (AVA) and penetration testing, and monitor the remediation of identified findings in vulnerability management tools (e.g., Blackduck, Snyk, Checkmarx).
• Assist in the management and maintenance of the application's Software Bill of Materials (SBOM) to ensure all third-party components are licensed, secure, and compliant.
• Develop and maintain comprehensive knowledge maps identifying key stakeholders, processes, and contacts for specific applications and Lines of Business (LOBs).
• Create and refine knowledge bases for repeatable administrative and compliance tasks to drive efficiency and consistency.
• Identify and implement automation opportunities for repetitive tasks, such as evidence collection for audits or status report generation.
• Generate and distribute clear and concise status reports to keep Application Managers and other stakeholders informed of progress, potential risks, and upcoming deadlines related to compliance and administrative tasks.