InfoSec Analyst - Regulatory Exam Execution

TEKsystemsCharlotte, NC
$65 - $75Hybrid

About The Position

Responsibilities include ensuring compliance with regulatory requirements, managing interactions with regulators, and overseeing remediation activities. This role involves end-to-end ownership of information security related regulatory exams, from pre-planning three to four months out through fieldwork and close out. Pre-planning includes bringing all stakeholders together, setting expectations, surfacing gaps and areas of regulatory focus, and building the right stakeholder list. During “field work”, orchestrating and collecting evidence and responses from multiple groups, getting regulator questions answered, and ensuring complete and high-quality submissions. The role also involves translating regulatory language into actionable execution for stakeholders and providing executive level reporting including KRIs, dashboards, and status updates. Ensuring consistency of responses across regulators so that the bank is not giving conflicting answers to similar requests is also a key part of the role. This position participates on complex, comprehensive or large projects and initiatives and acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors. The analyst will have advanced knowledge of organization, technology controls / security/ risk issues and will guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards, and incidents. The role includes conducting risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas. It also involves leading or contributing to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy. Contributing to the definition, development, and oversight of a global security management strategy and framework is also required. Ensuring technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against our business is crucial. Developing on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area, and influencing behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise are also key aspects of this position.

Requirements

  • Prior banking or financial services experience at comparable size and complexity
  • Experience specifically within information security, technology risk, regulatory or IT audit, not general business controls only
  • Hands on regulatory exam and audit support related to information security, platforms, and technology
  • At least 5 plus years conducting risk assessments, defining required controls, testing control procedures, RCSA, performing evidence validation and vulnerability assessments
  • Strong IT risk management and audit background with regulatory experience and knowledge
  • Framework and regulatory fluency such as OCC, FFIEC, NIST, ISO, COSO, SOX, CIS benchmarks
  • Experience working across First, Second, and Third Lines of Defense, with clear understanding of ownership models and escalation paths

Responsibilities

  • End to end ownership of information security related regulatory exams, from pre planning three to four months out through fieldwork and close out
  • Preplanning includes bringing all stakeholders together, setting expectations, surfacing gaps and areas of regulatory focus, and building the right stakeholder list
  • During “field work”, orchestrating and collecting evidence and responses from multiple groups, getting regulator questions answered, and ensuring complete and high-quality submissions
  • Translating regulatory language into actionable execution for stakeholders
  • Providing executive level reporting including KRIs, dashboards, and status updates
  • Ensuring consistency of responses across regulators so that the bank is not giving conflicting answers to similar requests
  • Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
  • Contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against our business.
  • Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.

Benefits

  • Medical, dental & vision
  • Critical Illness, Accident, and Hospital
  • 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
  • Life Insurance (Voluntary Life & AD&D for the employee and dependents)
  • Short and long-term disability
  • Health Spending Account (HSA)
  • Transportation benefits
  • Employee Assistance Program
  • Time Off/Leave (PTO, Vacation or Sick Leave)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service