Sr IT Risk and Controls

Overview

The Sr IT Risk Controls oversees quality assurance of all IT General Controls through assessment, walkthroughs, and audits. Monitors control environments, ensuring controls are operational and in-line with established policies, procedures, and methodologies. Identifies risks and gaps, facilitating remediation to address observations raised through internal and external audits, providing findings to leadership. Guides efforts to create common control frameworks and uniform compliance reporting standards. Stays up to date on changes to systems and applications, providing guidance on related controls.

Responsibilities

• Perform examination of IT general controls and application controls to determine design and operational effectiveness.
• Conduct periodic compliance audits of IT controls to ensure operating efficiencies throughout the year.
• Identify and track assessment/audits using performance metrics.
• Implement and supervise issue tracking and resolution process.
• Review audit assessments conducted by both internal and external audit teams.
• Assist control owners with root cause analysis and track risk management action plan progress.
• Provide relevant awareness training to control owners.

Qualifications

• Bachelor’s degree in Business, Accounting, Information Technology, or other quantitative discipline required.
• 5+ years of experience in IT compliance with experience in audit/assessments.
• Experience with project management best practices.
• Proficient knowledge of third-party related regulatory policies.
• Competency in security frameworks and Unified Controls Framework.
• Strong analytical and time management skills, with familiarity with common enterprise and web application technologies preferred.
• Certified Information Security Auditor, PMI Project Management Professional, and/or Certified Internal Auditor preferred.
• Big 4 experience preferred.

Physical Requirements

Lifting Requirements – light work or exerting up to 20 pounds of force frequently. Physical Requirements – stationary positioning, moving, operating, ascending/descending, communicating, observing, pushing, or pulling, and reaching. Use of equipment and tools necessary to perform essential job functions.