Risk Information Technology and Data Analyst

About The Position

Requirements

• Bachelor’s degree in related field
• Five (5) years of relevant experience in IT risk, IT audit, technology, cybersecurity, or operational risk
• Strong understanding of risk management, cybersecurity/technology, and compliance principles

Nice To Haves

• Certifications (e.g., Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Public Accountant (CPA))
• Experience in a financial institution or public accounting
• Experience with GRC tools (e.g., Archer, ServiceNow)
• Strong understanding of key banking regulations and industry standards (e.g., FFIEC, GLBA, NIST).
• Strong analytical and communication skills with the ability to translate technical risks for business audiences.

Responsibilities

• Leads IT and Data Risk Targeted Risk Assessments, Continuous Monitoring, and Testing as identified across all aspects of Information Technology and Data, including application development, cyber security, enterprise architecture, business continuity and disaster recovery, data governance, data quality, and change management, etc
• Performs core risk assessments, including the enterprise risk assessment, payment network attestations, and the cyber security risk assessment which evaluates the company’s compliance with key regulatory requirements
• Performs gap assessments to evaluate the design and effectiveness of technology and data controls aligned to regulatory and industry requirements
• Reviews and validates risk analysis work completed by junior team members
• Creates and revises IT and Data Risk Management methodology, including procedures
• Monitors trends and regulatory changes in IT and Data and advises leadership on technology and data initiatives that support these trends
• Reviews IT and Data policies and standards to ensure they align with regulations and industry best practices.
• Monitors, tracks, validates, and reports mitigation and resolution of IT and Data risk issues
• Develops and produces reporting to effectively communicate key risks, findings, and recommendations for improvement and participates in discussions of results with key stakeholders
• Performs annual planning, including staffing assessments and identifying training opportunities
• Supports exam readiness for regulatory and audit examinations including providing risk insights, collecting evidence, and preparing verbal and written materials
• Forms and maintains effective partnerships with key stakeholders within strategic business groups and technology to provide credible challenge of Technology and Data’s execution of the risk management framework
• Provides day to day guidance and mentoring to junior analysts and helps build risk awareness across technology, data, and business functions

Benefits

• Paid Vacation/Sick Time
• 401K with Company Match
• Medical, Dental and Vision Benefits
• Disability Benefits
• Health Savings Account
• Flexible Spending Account
• Life Insurance
• Parental Leave
• Employee Assistance Program
• Associate Volunteer Program