IT General Controls Analyst

About The Position

Requirements

• Bachelor's degree in business administration, IT-related field, or bachelor's degree directly related to the position or equivalent, required.
• Minimum of 3 years' experience in IT Operations, Security, Risk, and/or Audit required.
• Technical Project Management and/or Business Analysis experience desired.
• Exposure to access reviews and/or IT General Controls audits.
• Demonstrate ability to analyze and manipulate data across various sources including excel, CRMs, and online repositories.
• Ability to create, improve, and maintain processes in the IT Division (process modelling and procedure development experience desired).
• Advanced skills in MS Office (Word, Excel, and PowerPoint). Experience with GRC tools, project management tools, and IT asset-management provider preferred.
• Understanding of systems development lifecycle and change management concepts.
• Understanding of financial institution governance and regulations including SSAE16/18, FFIEC, SOX, and ISACA/COBIT.
• Ability to stay organized and effectively manage completion of assigned tasks.
• Excellent written and oral communication and presentation skills.
• Ability to summarize and condense large amount of information and data for executive synopsis.
• Willingness to take ownership of certain processes, projects and deliverables.
• Customer focused and results oriented.
• Ability to establish and meet critical deadlines.
• Ability to prioritize multiple activities and complex project simultaneously.
• Ability to research and resolve problems.
• Excellent verbal and written communication skills required.
• Highly organized and detail-oriented; ability to work in a fast-paced, metrics-driven environment required.
• Proficiency in Microsoft Office Suite, Word, Excel, Wiki, collaborative cloud-based programs, and third-party software applications required.
• Commitment to company values.
• Customer Service - Proactive attention to each person.
• Integrity - Do and say what's right.
• Respect - Treat others with dignity.
• Collaboration - Listen and work together.
• Learning - Seek knowledge and strive for improvement.
• Excellence – Deliver the unexpected.

Nice To Haves

• Technical Project Management and/or Business Analysis experience desired.
• Experience with GRC tools, project management tools, and IT asset-management provider preferred.
• Ability to create, improve, and maintain processes in the IT Division (process modelling and procedure development experience desired).

Responsibilities

• Assist in maintaining the strategic and tactical initiatives involving activities associated with managing the IT General Control Library.
• Identify and assess risks related to IT controls and recommend mitigation strategies.
• Document and monitor general controls and operate in an environment where tasks are managed effectively.
• Produce deliverables, specifically process flows, procedure documentation, writing specialized assessment reports, related to process, tools, metrics and communication activities.
• Support with investigating and analyzing control issues and inconsistencies.
• Ensure documentation of gaps and issues are accurate and complete.
• Execute access reviews, data security, backup and recovery, system operations, and network security controls as they relate to SSAE16/18, FFIEC, SOX, and ISACA/COBIT frameworks.
• Ensure that IT systems comply with relevant laws, regulations, and standards, and conducting regular audits to verify compliance.
• Evaluate third party information security posture and design third-party IT controls based on business risk.
• Support the implementation of key control practices and procedures by preparing presentations for internal stakeholders with the goal of providing regular modification updates.
• Engage in discussions to identify and respond to business risks and ensures that the line of business staff understands key control concepts and their relevance to core business practice.
• Monitor that controls used to mitigate business risks are properly designed, executed and documented.
• Work with corporate-level resources to identify, design, and execute controls for optimal effectiveness.
• Serve as an advisor to the IT General Controls Manager regarding IT control-related matters and assist as a functional liaison to the line of business resources.
• Support IT intake projects to drive the development and implementation of IT general controls.
• Monitor the disposition/resolution of issues resulting from audits and examinations.
• Work with team members on process improvement projects for IT General Controls.
• Support a culture of continuous improvement and customer service excellence with visible metrics and KPIs (Key Performance Indicators).
• Collaborate in the development of the company-wide framework, encompassing components of ITIL / COBIT/ and ISO disciplines.
• Understand the Technology Roadmap and monitor that infrastructure outsourcing partner(s) are delivering against roadmap expectations.
• Look for continuous cost saving opportunities.
• Make recommendations to the IT General Controls Manager for changes that would result in improved delivery of services and/or cost savings.
• Participate in strategic and tactical initiatives involving the activities and personnel associated with resource management; monitoring that IT resources can achieve the business’s strategic goals.
• Monitor industry best practices to assist in maintaining a risk-based approach to its infrastructure practices.
• Document IT activities into a generally understood and accepted process model.
• Responsible for understanding identified risks and their control plans.
• Provide training and support to staff on compliance requirements and best practices in IT general controls.
• Support special projects and initiatives as assigned.
• Perform other duties as assigned.

Benefits

• medical
• dental
• vision
• life insurance
• AD&D
• LTD
• 401(k) with employer match