As anIT Risk & Control Analyst, you will be responsible for supporting the Data and Machine Learning vertical to identify, assess and advise management on financial, regulatory, operational and strategic risks including a role in contributing to activities which form part of the annual SOx Program as well as assessing risks for new and ongoing initiatives within the department as a second line risk function. This position will require you to have a detail oriented approach for the processes and associated controls under your scope but also have a strong big picture focus to understand wider impacts across the business as a whole.
Key Responsibilities
- Support the business stakeholders to understand IT risks, including regulatory compliance risks (e.g., Cloud Security, SOx, GDPR etc.),
- Support respective business teams to develop and improve IT controls in complex IT environments
- Responsible for facilitating SOx activities such as process walkthroughs, documentation of process narratives and Risk & Control Matrices (RACMs) and supporting the business in addressing audit requests (internal audit and external auditors)
- Responsible for facilitating identification, assessment and management of issues impacting the control environments of these departments
- Responsible for uploading and maintaining risks, controls and issues in our GRC platform (ServiceNow)
- Partner with other Risk Analysts and Officers for ensuring that business and IT process linkages are well understood and controls are adequately designed and documented.
Requirements of special knowledge/skills
- Previous work experience across one (ideally two) or more of these areas Risk Management, IT Audit, Financial Audit, and/or Internal Controls
- Strong working knowledge of risk management and ITGCs with the experience in applying them in complex IT environments
- Working knowledge / experience with SOx audits and auditor testing methodology
- Flexibility to adapt to an ever-evolving and dynamic work environment
- Strong communication and relationship building skills
- Able to self-motivate, organize and take responsibility for own workload to ensure that deadlines and objectives are met
- Able to multitask and prioritize work effectively
- Strong communication skills. Fully comfortable working in English, both written and spoken.
The following are preferred qualifications for the position:
- Familiarity with specific technology (AWS, Snowflake, Big Data Lakes/Platforms) is preferred
- Familiarity with financial audits is preferred
- Familiar with applicable IT frameworks (COBIT, ITIL, NIST, ISO 27001, 20000, 22301, etc) is a plus
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.