Software Guidance & Assistance, Inc. (SGA) is searching for an IT Risk Analyst for a full-time assignment with one of our premier clients in New York, NY.
As part of the U.S. Operational Risk function, the incumbent will be responsible for the oversight of IT Risks across the U.S. offices and businesses. The role will require design and implementation of the U.S. IT Risk Management Framework across the second lines of defense. The framework encompasses oversight, reporting, governance, communications, and education. As the second line of defense for businesses in the United States, Operational Risk provides independent oversight and challenge as well as assists in the development of the methodologies, policies, process, and tools to support the Operational Risk Management Framework.
- Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
- Maintains the U.S. IT Risk Management Framework and best practices within the Bank while acting as a center of excellence for IT Risk in the U.S.
- Promote the IT risk agenda and activities in the region through U.S.-wide communications, IT risk awareness training, and partnering with the businesses on cultural change.
- Improve and promote IT Risk Management practices in the U.S.
- Collaborate with the lines of business by acting in a consultative capacity to advise on IT risks that influence their business and ability to meet established strategic objectives, while maintaining oversight and objective challenge.
- Challenge the output of the first line in the IT Risk & Control Assessment (RCA) process for the U.S., covering Legal Entities, Processes and Business Lines.
- Challenge investigation of IT Incidents to define root causes, and provide input into remediation actions.
- Perform Deep Dives and scenario analysis to assess the effectiveness of controls surrounding key processes and to identify remediation for gaps to actively and demonstrably mitigate IT risks.
- Monitors compliance with IT Risk Policies, Standards and Guidelines.
- Prepares and/or coordinates monthly/quarterly IT Risk Meetings.
- Design, Implement and Promote Risk Reduction Tools.
- Support the U.S. Operational Risk Management team with Non-IT Risk deliverables.
- Provides oversight on annual mandatory information security awareness seminars to alert employees to information security and best practices.
- Understand how the risk appetite and risk culture should be considered in day-to-day activities and decisions.
- Actively pursues effective and efficient operations of his/her respective areas, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance Risk Management Framework, AML/ATF Global Handbook and the Guidelines for Business Conduct.
- Champions a high-performance environment and implements a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment; communicating vision/values/business strategy and managing succession and development planning for the team.
- Strong understanding of IT risk management frameworks in a global banking environment.
- A sound knowledge of banking activities, including capital market products, risk management techniques and the current regulatory environment in the U.S. Financial Service Industry.
- Able to convey complex concepts and ideas on issues requiring interpretation and opinion.
- Good negotiation skills and ability to resolve conflict between teams or individuals so that functional/organizational objectives are achieved.
- Excellent communication and presentation skills and ability to work with all levels of the organization.
- Independent in judgment and with a high standard of conduct and ethics. Able to challenge and be challenged whilst maintaining the highest levels of professionalism.
- Excellent analytical skills; critical thinking and problem solving skills.
- Good oral and written skills on a business level in English.
- Substantive and diverse knowledge of securities-related legal, tax, regulatory compliance and/or accounting treatment.
- Good interpersonal skills.
- Experience of investment banking and/or technology departments in a financial institution and exposure to multiple products.
- Strong expertise in IT Risk Management (e.g., Cyber Security, Logical Access, SDLC, Data Leakage).
- Expertise in Operational Risk Management.
- Industry certifications desirable (e.g., ISACA, CISSP, CISA).
- Proficiency in VBA for Excel, Tableau, and Open Pages desired.
SGA is a Certified Women’s Business Enterprise (WBE) celebrating over thirty years of service to our national client base for both permanent placement and consulting opportunities.