IT Controls Analyst

Description

• Responsible for weekly status reporting to the IT Cyber Security Risk Officer, escalation of issues and written communication, and presentation materials
• Create and maintain Vendor Risk Assessment templates and evaluations
• Research privacy-related topics to enhance departmental privacy efforts
• Conducts all business in a professional and ethical manner to serve customers and increase the goodwill and profit of the company
• Maintain current knowledge regarding industry compliance regulations, requirements, policies and amendments to regulations
• Coordinate work with internal and external audit as needed
• Draft, implement, and track management action plans
• Assist with development and implementation of security policies, standards and education efforts
• Perform analysis of internal business as well as external events to ensure organizational risk is properly assessed and meets the organization IT Compliance needs
• Maintain all existing policy and procedures to ensure they continue to address all compliance needs
• Business Continuity Plan creation, planning, maintenance and testing
• Provide input to the information security awareness, training and education program
• Work with stakeholders and subject matter experts on the maintenance and/or development of documentation as a result of audit or compliance findings
• Disaster Recovery Plan creation, planning, maintenance and testing
• Drive for timely completion of Business Continuity, Disaster Recovery, Vendor Management, Information Security projects to meet business needs
• Ensure risk management reviews are conducted
• Collaborate with the Corporate Information Security and IT Controls teams to review security policies, standards, procedures and guidelines
• Responsible for reviewing all official Compliance documentation maintained by the department
• Manage day to day compliance risk and make recommendations to management for continuous improvement
• Develop and maintain positive relationships with IT staff and customers
• Monitor activities to ensure compliance with applicable internal policies, procedures and external regulations including monthly, quarterly and annual account activity review

Requirements

• Ability to travel overnight
• Ability to update policies/procedures based on current operations
• Two plus years of information technology compliance experience
• Proficiency with MS Office and email
• Mortgage Industry/Financial Regulatory knowledge is a plus
• Five years’ experience in the IT Compliance field in a finance/lending related industry preferred
• Bachelor's degree from a four-year college or university
• CPA or CIA a plus
• Experience with information technology in application development or infrastructure support preferred
• SOX and Operational Control testing experience
• CISSP (Info System Security Professional), CISM (Info Security Manager) or CISA (Info System Auditor) certification recommended
• Understanding of NIST and COBIT frameworks

Benefits

• Employee Stock Purchase Plan
• Flex Spending Accounts
• Medical, Dental and Vision
• Multiple Voluntary and Company provided Benefits
• Life & Disability Insurance
• Vacation, Sick, Personal Time and Company Holidays

Training + Development

Interview process

Visa Sponsorship

Security clearance