Senior Audit Risk Analyst - Remote

Apply for this position Please mention DailyRemote when applying
Posted 2 days ago United States Salary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Job DescriptionSenior Audit Risk AnalystPosition summary:As a Senior Audit Risk Analyst with a background in financial services, this position is primarily responsible for analysis and enterprise-level initiatives (e.g., SOC1/SOC2/FFIEC/ISO certifications) for the Business Risk management program. This role will partner with all tech Departments as well as business units to identify and assess the potential risks that may negatively impact the reputation, security, operations and financial viability of the company. Once identified and assessed, this position will facilitate the implementation of processes, procedures and other controls to ensure stakeholders are fully prepared to address potential threats.Expectations:Manage, identify, assess and report on potential risks for the tech Departments and Business Units.Documents and evaluates internal controls and ensures compliance with regulatory requirements.Contributor to technology audits over security, confidentiality, availability, privacy, and processing integrityCollaborate with various IT departments and business units to provide recommendations for control effectiveness and improvement. Drive accountability by reviewing remediation plans and ensuring that remediation efforts are progressing to completion.Successfully execute internal risk-based, operational and compliance studies, including performing all phases of the analysis - planning, fieldwork, reporting results and performing subsequent follow-up procedures.Act as point of contact for Business Risk management program and provide consultative guidance on projects and initiatives.Participate in Enterprise Risk Management and Global Crisis Management program meetings and other risk-related program meetings as required.Analyze documents, statistics, reports and market trends to forecast potential risks and threats.Responsible to prepare executive reporting and presentations.Actively support an internal training program, including developing course material and delivering training.Drafts concise reports and maintains records of risk analysis findings and associated action plan updates.Provides leadership, coaching, and or mentoring to the department and the business.Participate in other special projects or strategic initiatives at the direction of the executive risk management teamRequisitesBachelor's degree in Computer Science, Information Systems Management, or related field; or, equivalent education and experience.Experience with risk assessment, control analysis, audit procedures and standards, sampling techniques, risk components, and the internal framework of control.PreferredWorking knowledge of regulatory and compliance issues, including AICPA guidelines for SOC1 and SOC2 certificationsCurrent CRISC, CISA, CISSP, CISM or other relevant certification.Demonstrated knowledge of financial services and/or healthcare environments and the associated risks and threats.Demonstrated ability to apply analytic skills in solving risk-related problems.Experience assessing and/or implementing common industry frameworks such as: NIST CSF. COSO, NIST 800-53, Critical Security Controls (SANS Top 20)