ETS Risk Sr Analyst

About The Position

Requirements

• Bachelor’s degree, or foreign equivalent, in Engineering (any), Risk Management, Statistics, or related quantitative field followed by five (5) years of progressive experience in the role or in a related position.
• Utilizing Nexus, Bitbucket, AWS, Azure, Splunk, JIRA, Qualys, Active Directory, ServiceNow, and GRC Archer;
• Acting as a technical subject matter expert for working groups identifying risks and controls inherent in technical processes in the CI/CD pipeline and DevSecOps procedures;
• GRC Archer, Tableau and ServiceNow used to evaluate existing risk controls and suggesting enhancements leading to the implementation of data analytics & automate to streamline control monitoring;
• Utilizing Visio for process mapping, validation, and documenting business workflows and risk controls;
• Implementing information security standards and frameworks including ISO 27001, FFIEC, NIST Cybersecurity Framework (CSF), SOX, and CIS Controls;
• Ensuring data protection and privacy compliance with regulations including GLBA;
• Collaborating with Operational Risk Management (ORM) to remediate control testing;
• Conducting and validating control testing across business lines to contribute to RCSA results;
• Developing and monitoring KRIs and KCIs indicators to measure risk levels and control effectiveness;
• Internal and external audit support in GRC Archer to ensure adherence to audit recommendations and regulatory requirements;
• Utilizing advanced Excel and data visualization to create dashboards, pivot tables, and data models for risk analytics;
• Leveraging Incident and Change Management Tools like ServiceNow, JIRA, Sailpoint, Splunk (for IT) for Risk Mitigation and Control Testing;
• Writing and maintaining risk management policies;
• Data analytics platforms: Tableau, or similar tools for dashboarding and reporting.

Responsibilities

• Responsible for executing the control monitoring and testing program for multiple complex lines of business and products throughout.
• Delivers self-testing and automated key control indicators, which are critical to determining control environment effectiveness.
• Assesses material controls, as well as monitors and evaluates escalation procedures to ensure compliance with key rules and regulations.
• Works closely with First Line Risk Principals to organize and initiate investigations into control failures and related issues.
• Maintains knowledge of regulatory, statutory, and legislative requirements for risk management and controls to ensure compliance with all applicable requirements.
• Responsible for keeping the ETS Risk team apprised of testing progress and providing opinions on control effectiveness results, including analysis of themes and findings.
• Assists in the training and development of the Monitoring and Testing colleagues.

Benefits

• Summary of benefits available on company website