Los Angeles, CA
$80-92 per hour
12 months ago
We are seeking an experienced Senior Information Technology Risk Analyst who will identify, analyze and report enterprise technology risks for executive level business, information technology and information security leadership. The Senior Analyst's work product will be shared with the Audit and Risk Committee, the parent company, and the regulators.
- Manage the risk assessment process, ensure assessments are completed in a timely manner, are appropriately scoped, and provide assurance through management control testing, including applications, data centers, databases, and infrastructure.
- Have primary responsibility for architecting the risk assessment system to ensure all necessary inputs, modules, and reports are implemented to automate to the extent reasonably possible.
- Translate complex regulations into clear, easily understood regulatory requirements and desired outcomes; perform gap analysis.
- Map regulatory requirements across regulations to identify overlapping requirements and compliance efficiencies.
- Track regulatory compliance and maintain up to date records of requirements and corresponding mitigating controls.
- Ensure that IT policies and standards comply with regulations; work with the Policy and Standards Committee when policies need to be updated or created.
- Work with business units to ensure controls are effective and appropriately address the relevant regulatory and security requirements they address.
- Complete credible challenge and oversight of the first line of defense (the business functions) as a member of the second line of defense.
- Coordinate with other compliance functions -- like Audit, Legal, Enterprise Risk, and Privacy -- to track compliance across the organization and pool expertise on vague or complex regulatory requirements.
- Minimum 7 years of experience in information technology risk assessment and analysis
- Minimum 4 years of experience with eGRC or equivalent risk or security management system
- Minimum 4 years working for a bank or financial institution
- Bachelor's degree in computer science, information technology, information security, or related field is preferred Ideal candidate will have experience with internal control frameworks for information technology, information security, IT governance frameworks, and conducting and analyzing cyber risk assessments
If this opportunity if of interest to you and you meet the desired skill set, please apply directly with an updated resume.