IT Risk and Control Senior Analyst
hace 4 días
New York
Job DescriptionCompany Description For more than 70 years, IDB Bank has made it our mission to be the best bank for our clients by putting their needs first, and the success we’ve enjoyed fundamentally comes down to our people. Here at IDB, you’ll work side by side with some of the most talented professionals in the industry who share a strong sense of teamwork and a passion for providing exceptional service down to the smallest detail. We offer a comprehensive benefits package that includes generous paid time off and the ability to participate in our medical coverage and 401(k) plan on your very first day with us. We are also committed to diversity and inclusion, and to providing all of our team members with an equal opportunity to succeed and make meaningful contributions within a work environment that is respectful, welcoming and inclusive. Job Description Overview Reporting to the VP, IT Risk & Control, this role provides advisory services related to internal controls, risk assessments, risk management, IT controls, related standards (FFIEC, FDIC, GLBA, NIST, etc.) and makes recommendations to reduce risk by executing corrective action plans. Responsibilities • Gain comprehensive knowledge of IDBNY IT products and processes with focus on risk assessment and thoughtful improvement backed by data, • Identify, assess and evaluate risk to enable the execution of the enterprise risk management strategy, • In conjunction with team members understand technical processes, then gather, formulate and analyze the data to assist with risk management, • Based on the analysis suggest potential improvements to enhance overall Risk Management process, • Assess on-going risks and work in collaboration with business functional areas to mitigate risks, • Assist in the development of action plans to address risk factors identified during assessment, • Collect information and ensure that potential risk scenarios will be captured by existing controls, • Translate and communicate Risk Management concepts, information, and procedures to both technical personnel and non-IT business users to raise Risk awareness, • Track, monitor, and communicate Risk Management project progress against the project plan, requirements, quality measures, standard processes, and milestones, • Drive ownership and accountability of regulatory meetings, projects, and tasks, • Analyze challenges, problems, and process breakdowns to ensure that lessons are learned and potential improvements are implemented, • Identify potential threats and vulnerabilities for business processes, associated data and supporting capabilities to assist in the evaluation of enterprise risk, • Design and implement information systems controls in alignment with the organization’s risk appetite and in consultation with process owners to support business objectives, • Test information systems controls to verify effectiveness and efficiency prior to implementation, • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively, • Implement Technology Systems controls to mitigate risk based on framework, • Establish control criteria to enable control life cycle management, • Ensure existing controls aligned to corporate risk appetite and tolerance, • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements, • Monitor risk and communicate information to the relevant stakeholders to ensure the continued effectiveness of the enterprise’s risk management strategy, • Apply risk criteria to assist in the development of the risk profile for management approval Qualifications Qualifications • Bachelor’s degree in Computer Science, Technology, Risk, or equivalent., • 7+ years’ experience as an information risk analyst, or information technology auditor, • Experience in the financial/banking industry is preferred, • Good knowledge of key tools (ServiceNow, CyberArk, Splunk, Qualys), • Proficient with Microsoft Office products including Word, Excel, Access, VISIO and PowerPoint, • Report writing skills are required. Must be able to summarize and communicate technical data to a non-technical audience. Additional Information Compensation: The expected annual salary for this position is between $115,000-135,000 annually at the start of employment. A salary offer is determined on an individualized basis, taking into consideration factors such as an individual’s skills and experience. In addition to base salary, our total rewards package also includes eligibility for an annual bonus, medical, pharmacy, dental, and vision plans, life and disability insurance, employee wellness program, retirement and savings plans with employer contributions, generous holiday and paid time off schedules, parental leave, and tuition reimbursement. The Bank will make reasonable accommodations to the following employees to allow them to perform the essential functions of their position, except where doing so would result in undue hardship to the Bank: • Those with a known mental or physical disability., • Pregnant individuals and/or individuals with pregnancy or childbirth-related medical conditions., • Victims of domestic violence, sex offenses or stalking. The Bank retains the ultimate discretion to choose the appropriate reasonable accommodation. Upon reaching a final determination at the conclusion of the cooperative dialogue, the Bank will provide the requesting individual with a written final determination identifying any accommodation granted or denied. In addition, the Bank will maintain any information regarding the employee’s request and status in the strictest confidence, except as requested by the employee, as required on a need-to-know basis or as otherwise required by law. Disclaimer The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed. All your information will be kept confidential according to EEO guidelines. IDB BANK, INCLUDING ITS SUBSIDIARIES AND DIVISIONS, PROVIDES EQUAL EMPLOYMENT OPPORTUNITIES TO ALL EMPLOYEES AND APPLICANTS FOR EMPLOYMENT WITHOUT REGARD TO RACE, COLOR, RELIGION, SEX, SEXUAL ORIENTATION, NATIONAL ORIGIN, AGE, DISABILITY, GENETIC STATUS, CITIZENSHIP STATUS, MARITAL STATUS, MILITARY OR VETERAN STATUS, CURRENT UNEMPLOYMENT OR ANY OTHER LEGALLY PROTECTED CATEGORY IN ACCORDANCE WITH APPLICABLE FEDERAL, STATE AND LOCAL LAW. NOTHING IN THIS SITE CONSTITUTES A PROMISE OR OFFER OF EMPLOYMENT. IDB BANK, INCLUDING ITS SUBSIDIARIES AND DIVISIONS, PROVIDES EQUAL EMPLOYMENT OPPORTUNITIES TO ALL EMPLOYEES AND APPLICANTS FOR EMPLOYMENT WITHOUT REGARD TO RACE, COLOR, RELIGION, SEX, SEXUAL ORIENTATION, NATIONAL ORIGIN, AGE, DISABILITY, GENETIC STATUS, CITIZENSHIP STATUS, MARITAL STATUS, MILITARY OR VETERAN STATUS, CURRENT UNEMPLOYMENT OR ANY OTHER LEGALLY PROTECTED CATEGORY IN ACCORDANCE WITH APPLICABLE FEDERAL, STATE AND LOCAL LAW. NOTHING IN THIS SITE CONSTITUTES A PROMISE OR OFFER OF EMPLOYMENT.