*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Financial Company is currently seeking an IT Operational Risk and Controls Analyst. Candidate will provide critical support to the Director of Operational Risk to evaluate IT and Security risks by assisting with risk assessments and applying aspects of the risk management framework across the process, risk, and control universe. Additionally, this role will help with the risk assessment program activities, coordinate with other functions (eg IT, Security, TPRM, Legal, Compliance, and Internal Audit) and facilitate appropriate Corporate Risk governance to ensure alignment to strategy and short-term objectives.

Responsibilities:

Collaborate with IT, Security, TPRM, Legal, Compliance, and Internal Audit to ensure that Corporate Risk contributes to strengthening the overall effective management of IT and Security risk across the organization. Lead risk identification and assessment process for IT/Security risks and verify the consistency and reliability of the associated frameworks and systems. Drive adherence to methodologies, guidance, and standards applicable to risk identification and assessment frameworks. Maintain risk inventories, taxonomies, and other elements supporting IT/Security risk management and compliance activities. Lead and execute the IT and Security risk assessment process, while aligning to the risk and control universe, and regulatory requirements and expectations. Generate reports of Archer data for various stakeholders, including regulators. Help automate IT & Security risk oversight. Communicate results of risk assessments to governance committees, business owners, and various levels of leadership. Collaborate on the enhancement and maintenance of Corporate Risk program methodologies, policies, procedures, and job aides, including the development of new program activities. Track and update ORMC team internal findings, external exam issues, and business area self-identified issues resulting from Enterprise Risk Assessment.

Qualifications:
[Required] Advanced understanding of IT risk, Security risk, and intermediate understanding of Operational risk. [Required] Ability to act as a trusted advisor and provide effective challenge. [Required] Creative, independent thinker, with a willingness to develop and drive new ideas. [Required] Excellent written, verbal and presentation skills. [Required] Must be team-oriented and be able to collaborate effectively in department and cross-departmental efforts. [Required] Ability to work under pressure and with tight deadlines. [Preferred] Familiarity with Financial Market Utilities; securities and derivatives markets. [Preferred] Ability to work in a highly regulated environment, including with the SEC, CFTC, and Federal Reserve; Familiarity with the Covered Clearing Agency regulations. [Preferred] Understanding of cloud technologies, including experience supporting migration to a cloud platform.

Technical Skills: [Required] Proficient in Microsoft Word, Excel, Access, and PowerPoint. [Required] Experience with eGRC systems (eg, Archer).

Education and/or Experience: [Required] Bachelor's Degree in Information Systems, Computer Science (or equivalent) preferred. [Required] 5+ years of experience in enterprise risk, technology risk, security risk, or risk consultancy, specifically with focus on assessing IT and Security risk. [Preferred] Certification such as: CISSP, Security+, CSX-P, CET, CISA or CISM.