IT General Controls Analyst

This is a fully remote position, open to applicants in United States.

📋 Description

• Assist in the upkeep of strategic and tactical initiatives related to managing the IT General Control Library.

• Identify and evaluate risks associated with IT controls and propose mitigation strategies.

• Document and oversee general controls while operating in an environment that effectively manages tasks.

• Generate deliverables, such as process flows, procedure documentation, and specialized assessment reports pertaining to processes, tools, metrics, and communication activities.

• Aid in the investigation and analysis of control issues and discrepancies.

• Ensure that documentation of gaps and issues is both accurate and comprehensive.

• Conduct access reviews, data security, backup and recovery, system operations, and network security controls in accordance with SSAE16/18, FFIEC, SOX, and ISACA/COBIT frameworks.

• Verify that IT systems comply with applicable laws, regulations, and standards, while conducting regular audits for compliance verification.

• Assess the information security posture of third parties and design IT controls based on business risks.

• Assist in implementing key control practices and procedures by preparing presentations for internal stakeholders to provide regular updates on modifications.

• Engage in discussions to identify and address business risks, ensuring that business staff comprehends key control concepts and their significance to core business practices.

• Monitor that controls used to mitigate business risks are effectively designed, executed, and documented.

• Collaborate with corporate-level resources to identify, design, and implement controls for maximum effectiveness.

• Act as an advisor to the IT General Controls Manager on matters related to IT controls, serving as a functional liaison to business resources.

• Support IT intake projects to facilitate the development and deployment of IT general controls.

• Track the resolution of issues arising from audits and examinations.

• Work with team members on process improvement initiatives for IT General Controls.

• Foster a culture of continuous improvement and customer service excellence through visible metrics and KPIs (Key Performance Indicators).

• Collaborate in crafting a company-wide framework that incorporates ITIL, COBIT, and ISO disciplines.

• Comprehend the Technology Roadmap and ensure that infrastructure outsourcing partners meet roadmap expectations.

• Seek continuous cost-saving opportunities.

• Recommend changes to the IT General Controls Manager that could enhance service delivery and/or lead to cost savings.

• Engage in strategic and tactical initiatives involving activities and personnel linked to resource management, ensuring that IT resources can fulfill the business’s strategic objectives.

• Stay informed on industry best practices to support a risk-based approach in infrastructure practices.

• Document IT activities in a comprehensible and accepted process model.

• Take responsibility for understanding identified risks and their respective control plans.

• Provide training and support to staff regarding compliance requirements and best practices in IT general controls.

• Assist with special projects and initiatives as assigned.

• Perform additional duties as required.

⛳️ Requirements

• Bachelor's degree in business administration, IT-related field, or a degree directly relevant to the position or equivalent, required.

• At least 3 years of experience in IT Operations, Security, Risk, and/or Audit required.

• Technical Project Management and/or Business Analysis experience preferred.

• Familiarity with access reviews and/or IT General Controls audits.

• Proven ability to analyze and manipulate data from various sources, including Excel, CRMs, and online repositories.

• Capacity to create, enhance, and sustain processes within the IT Division (experience in process modeling and procedure development preferred).

• Advanced proficiency in MS Office (Word, Excel, and PowerPoint).

• Experience with GRC tools, project management software, and IT asset management providers preferred.

• Understanding of the systems development lifecycle and change management principles.

• Knowledge of financial institution governance and regulations, including SSAE16/18, FFIEC, SOX, and ISACA/COBIT.

• Ability to maintain organization and effectively manage the completion of assigned tasks.

• Exceptional written and oral communication and presentation skills.

• Ability to summarize and condense substantial amounts of information and data for executive summaries.

• Willingness to take ownership of specific processes, projects, and deliverables.

• Customer-focused and results-driven.

• Ability to set and meet critical deadlines.

• Capacity to prioritize multiple activities and complex projects simultaneously.

• Ability to research and resolve issues.

• Excellent verbal and written communication skills required.

• Highly organized and detail-oriented; must thrive in a fast-paced, metrics-driven environment.

• Proficiency in Microsoft Office Suite, Word, Excel, Wiki, collaborative cloud-based applications, and third-party software applications required.

• Commitment to company values.

🏝️ Benefits

• Medical

• Dental

• Vision

• Life insurance

• AD&D

• LTD

• 401(k) with employer match