Senior IT Risk & Compliance Analyst

Job Description: The Senior IT Risk and Compliance Analyst will aid in supporting the Information Technology department's adherence to the Bank's Governance, Risk & Compliance (GRC) framework, Enterprise Risk Management framework, and Sarbanes-Oxley (Sox) compliance. Responsibilities will include but are not limited to: • Collaborating with IT personnel to understand and document operational processes to identify process improvement opportunities and unmanaged risk. • Identifying technology risk and aiding with developing the applicable control objectives and creating appropriate test steps to validate risk mitigation. • Performing testing of all technology controls and ensuring alignment of controls with industry frameworks. • Developing and maintaining process and control documentation, including but not limited to narratives and flowcharts for IT processes. • Assist with the implementation and execution of processes within the IT Risk & Compliance group that supports the proactive evaluation, identification and monitoring of IT risks and controls. • Assist with implementing continuous monitoring of IT controls and working with data for efficient control testing. • Assist with maintaining the IT policy and procedure library including executing a process to ensure documents, standards and other related materials remain current. • Perform various reviews, as necessary to validate compliance with IT policies, regulatory requirements, and other internal frameworks. QUALIFICATIONS AND EDUCATION REQUIREMENTS • Bachelor's degree • Minimum 4 years of IT audit or risk management experience. • Industry certification in Information Technology or Risk Management. • Demonstrated capability to perform walkthroughs, risk assessments, and ITGC testing. • Knowledge of Internal Control frameworks (COSO) and Information Technology frameworks (COBIT, NIST, ISO, and ITIL.) PREFERRED SKILLS • Data analysis and automation skills. • Experience in assessing and testing security and cloud controls. • Ability to demonstrate creativity and innovation to provide fresh ideas and approaches to process improvements and control testing. • Ability to manage ambiguity and changing priorities. • Effective communication skills and ability to influence.