IT Risk Analyst will assist program activities to mature IT Regulatory Compliance and Risk capabilities, including standardizing and operationalizing our reports and publications review and approval process and providing reporting support for other teams within Controls and Advisory Risk Services. This person will also assist other teams within Controls and Advisory Risk Services on regulatory and other projects as needed (e.g. assessments, examinations, issues management).
This person will work with GTS risk and control owners and other key stakeholders throughout the GTS organization. This individual may also interact with senior and executive management within the GTS organization, as well as business unit and regulatory agency contacts as needed to complete required tasks and bring projects to closure.
- Assist and lead in the execution of the GTS Publication Process, including reviewing materials for inconsistencies, coordinating reviews and approvals of senior and executive management, and managing relationships with key stake holders.
- Assist and lead in the execution of Regulatory Assessments, Questionnaires, and Examinations, including identification of gaps for Issues Management.
- Develop and maintain an understanding of the organization and division of functions and responsibilities within the GTS organization.
- Ensure all activities and duties are carried out in full compliance with regulatory requirements and the company’s Operational Risk Framework, Policies, and Standards and foster a culture of Risk Excellence.
- Handle routine issues with guidance from senior staff and consult with senior staff where clarification or exception to policy may be required.
- Assist with the identification of potential enhancements to current procedures and processes and provide solutions on how to improve or streamline current business practices.
- Prepare executive summaries and reports and perform level-one and level-two analyses as directed.
- Provide support, as requested, on other compliance, risk, and advisory related projects and initiatives within Controls and Advisory Risk Services.
- Bachelor’s degree in business, a related field, or equivalent experience.
- Highly organized with high attention to details and analytical skills required, project management and operational planning skills a plus.
- Proven interpersonal communication skills required, negotiation skills a plus.
- Minimum 4 years of experience in IT risk management, audit, and/or compliance and knowledge of industry Risk and Control frameworks (e.g. COSO, COBIT, NIST, ISO) is preferred.