ETS Risk Sr Analyst

About The Position

Requirements

• Bachelor’s degree, or foreign equivalent, in Engineering (any), Risk Management, Statistics, or related quantitative field followed by five (5) years of progressive experience in the role or in a related position.
• Utilizing Nexus, Bitbucket, AWS, Azure, Splunk, JIRA, Qualys, Active Directory, ServiceNow, and GRC Archer.
• Acting as a technical subject matter expert for working groups identifying risks and controls inherent in technical processes in the CI/CD pipeline and DevSecOps procedures.
• Using GRC Archer, Tableau and ServiceNow to evaluate existing risk controls and suggesting enhancements leading to the implementation of data analytics & automate to streamline control monitoring.
• Utilizing Visio for process mapping, validation, and documenting business workflows and risk controls.
• Implementing information security standards and frameworks including ISO 27001, FFIEC, NIST Cybersecurity Framework (CSF), SOX, and CIS Controls.
• Ensuring data protection and privacy compliance with regulations including GLBA.
• Collaborating with Operational Risk Management (ORM) to remediate control testing.
• Conducting and validating control testing across business lines to contribute to RCSA results.
• Developing and monitoring KRIs and KCIs indicators to measure risk levels and control effectiveness.
• Internal and external audit support in GRC Archer to ensure adherence to audit recommendations and regulatory requirements.
• Utilizing advanced Excel and data visualization to create dashboards, pivot tables, and data models for risk analytics.
• Leveraging Incident and Change Management Tools like ServiceNow, JIRA, Sailpoint, Splunk (for IT) for Risk Mitigation and Control Testing.
• Writing and maintaining risk management policies.
• Using data analytics platforms: Tableau, or similar tools for dashboarding and reporting.

Responsibilities

• Executing the control monitoring and testing program for multiple complex lines of business and products.
• Delivering self-testing and automated key control indicators, which are critical to determining control environment effectiveness.
• Assessing material controls, as well as monitoring and evaluating escalation procedures to ensure compliance with key rules and regulations.
• Working closely with First Line Risk Principals to organize and initiate investigations into control failures and related issues.
• Maintaining knowledge of regulatory, statutory, and legislative requirements for risk management and controls to ensure compliance with all applicable requirements.
• Keeping the ETS Risk team apprised of testing progress and providing opinions on control effectiveness results, including analysis of themes and findings.
• Assisting in the training and development of the Monitoring and Testing colleagues.

Benefits

• summary of benefits