Risk & Controls Analyst Job Description
Risk & Controls Analyst Duties & Responsibilities
To write an effective risk & controls analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included risk & controls analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Risk & Controls Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Risk & Controls Analyst
List any licenses or certifications required by the position: CISSP, CISA, CISM, CRISC, CIA, CRM, CRCM, ISO, PM, CPA
Education for Risk & Controls Analyst
Typically a job would require a certain level of education.
Employers hiring for the risk & controls analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Finance, Accounting, Business, Management, Computer Science, Education, Financial Services, Information Technology, Project Management, Leadership
Skills for Risk & Controls Analyst
Desired skills for risk & controls analyst include:
Desired experience for risk & controls analyst includes:
Risk & Controls Analyst Examples
Risk & Controls Analyst Job Description
- Evaluation of the operating effectiveness of internal controls for assigned cycles
- Works closely with the Head of IT Risk & Controls in executing the strategy for the group
- Manage and assess risks associated with various projects, both software and technology related, and provide recommendations on mitigating such risks
- Manage and assess risks associated with various IT processes, and provide recommendations on mitigating such risks
- Promote awareness of IT Control functions
- Maintain an awareness of all regulatory requirements and changes within the industry, region and their impact on our IT services and controls
- Actively provide governance to all IT teams to ensure best practice is followed to ensure compliancy and reduce risk
- Develop, implement and manage new/amended risk and controls framework for IT including adherence to policies, standards and tracking exceptions
- Serve as primary IT interface with internal & external auditors, regulators on all audit, control and risk matters
- Report on key risks, audit findings, regulatory issues and controls to IT teams and varying levels of management
- Experience with providing advisory support to business unit leaders in the identification and design of controls
- A strong work ethic, a high degree of motivation and the ability to contribute to a positive team attitude
- Highly-proficient computer skills with applications within the Microsoft Office suite, including MS Word, Excel, Visio, and related MS Office applications
- Ability to effectively communicate, both orally and in writing with colleagues, management, and executives with regulators and other third parties as applicable
- University degree, or higher, in a technical discipline is preferred
- CISA, CRISC or a qualification in an IT discipline like ITIL or IT Controls related is preferred
Risk & Controls Analyst Job Description
- Partner with product teams to drive and manage key risk, regulatory and audit related activities
- Support audits, reviews, and exams by coordinating information requirements
- Govern and lead cross TI and cross discipline risk program
- Engineers the creation and influences the adoption of security and operational standards, solutions and tools
- Partner with TI product teams to drive down inherent product risk while creating and driving commercial architectural and engineering solutions
- Coordinate annual review of policies and procedures to ensure they are up to date and identify any gaps in controls
- Partner with the Middle Office teams to perform RCSA testing
- Liaise with the Global Wealth Management Risk and Control Team as needed
- Lead / participate in special projects for the Middle Office teams
- Consolidate metrics / MIS reporting to senior leadership
- Working knowledge of IT Service Management processes and procedures
- Up-to-date knowledge of IT technologies and business software including Windows/Unix operating platforms, database technologies, Microsoft applications, network fundamentals and key business applications, Oracle Financials, Charles River Development, PeopleSoft, Transfer Agency applications
- Strong communicator (written and verbal) with the ability to understand and converse in English
- Proven track record of success coupled with proven knowledge of industry best practice for risk management, service delivery and controls
- Work with tower controls assessors and management to help them proactively and pre-emptively identify and remediate potential audit and regulatory issues
- Support the controls assessors through the self assessment CSA/RCSA process, including input into the testing plans, preparing testing guides and support materials, proposing appropriate sources, samples and evidencing, reviewing substantive analysis performed by assesses for completeness and accuracy, and assisting the operations teams in formulating management updates
Risk & Controls Analyst Job Description
- Analyze control frame works, federal requirements and security best practices to recommend mitigation for gaps in security controls for information systems
- Provide input to Information Security Policies that adheres to state and federal regulations
- Conduct end to end process reviews to ensure appropriate controls exist for all processes and facilitate the identification of process improvements to create efficiencies
- Develop and maintain relationships with new and existing clients to deliver high-quality output, advice and assurance across GRC subject matter
- Develop and maintain effective relationships with clients and key stakeholders and identify new business opportunities
- Manage diverse teams effectively and develop an inclusive team culture for all colleagues
- Establish and maintain relationships with key business line and functional stakeholders
- Assess business line processes to evaluate compliance risk and control environments
- Ensure that compliance issues are brought to the attention of Compliance Management and monitor business action plans to ensure timely remediation
- Role will require influencing risk reduction actions and/ or challenging non-optimal decisions
- GTI and LOB Audit, Regulatory and Controls functions
- GTI SO Risk & Controls Functional Leads and staff
- Experience working with globally dispersed teams, with hands on experience with MS Office products
- A demonstrated ability to identify, articulate and design robust, effective Technology Controls and to author Standards and Procedures (adhering to a predefined framework)
- A demonstrated excellence in written and verbal communication skills
- Effective organization and leadership skills (of working groups of SMEs to identify and distil key items ), the ability to negotiate and influence effectively
Risk & Controls Analyst Job Description
- Highly visible and most complex evaluations communicating with diverse partners, in a leadership capacity
- Ability to interact with Executive and Senior Management to facilitate the accomplishment of company goals
- Adhere to applicable organizational policies and procedures
- Owning various monthly organization and reporting activities, such as generating operational risk reports for the Business Operations team
- Coordinating periodic tasks with Business Operations stakeholders
- Effectively communicating and collaborating with Business Operations groups to build positive relationships and understand key aspects of the business
- Working in a fast paced environment and manage multiple tasks simultaneously
- Works independently to produce deliverables that are in near finished form, understandable and at the appropriate level of detail depending on the audience
- Manages own work and allocates or coordinates the work of others but does not have full management responsibilities
- Partner with process owners, managers and team-leads to ensure alignment of scoring expectations
- A mature, pragmatic outlook, with the ability to balance the conflicting needs of compliance, risk management, expediency and business objectives, to ensure that the Firm’s ITRisk Standards and Procedures are Applicable, Appropriate and Actionable by our Technology & Operations communities
- A demonstrated ability to identify, articulate and design robust, effective Technology Controls and to design and deliver appropriate KPI/KRI Metrics able to accurately articulate a risk posture based on those controls
- Work effectively both independently and as part of a team, goal oriented, self-motivated
- Effective in global / regional interaction and collaboration
- Knowledge of security tools including IDS/IPS, malware/AV are preferred but not essential
- Experience in software development lifecycle, associated processes and tools
Risk & Controls Analyst Job Description
- Provide subject matter expertise to team by coaching and training
- Assist with research for audit requests and various projects like new business migrations
- Represent manager and team on stakeholder calls as needed
- Participate with strategic leadership of the team
- Liaise with the WMIS Risk and Control Team regularly on various initiatives
- Follow appropriate policies and procedures to ensure the firm fulfils its fiduciary responsibilities in accordance with the applicable governing document and law
- Reviews management’s control documentation and self-testing and assessing its adequacy to support management’s opinion
- This position is responsible for the implementation and success of the information technology (IT) Governance, Risk, and Controls (GRC) program which will have far reaching change impact on the culture and behavior of IT professionals at the client
- Develop requirements for the ESO Governance, Risk and Compliance tool modules that will meet security best practices, automate manual work, and build efficiencies
- Assist in the development of an Audit process to include coordination of resources, evidence/artifacts, remediation processes and ensure processes are automated (using GRC tool) and improve efficiency and proficiency
- Proficient in Microsoft applications, specifically Excel, Visio, Word, OneNote and PowerPoint
- Experience working with Microsoft applications
- At least six years of experience as a GRC professional with risk and control framework management experience
- Financial services or related industry experience within an operational risk, compliance, internal audit, IT or third party risk environment
- Knowledge of relevant risk and control management frameworks and risk reporting
- Proficient communication skills in a senior management/formal committee setting, including report writing, and experience of challenging, investigating andinfluencing