Reporting to the Manager or Sr. Manager, IT Risk and Compliance, the Senior GRC analyst will be responsible for supporting the day-to-day IT compliance, data governance, and IT risk management functions. The role will include primary responsibility for defining, creating, and managing IT policies and standards in support of legal and regulatory compliance needs as well as general IT and organizational information security practices.
Requirements
- Audit and assess the firm-wide plan for IT Risk and Compliance policies and rules
- Participate in process and control documentation pertaining to controls implementation
- Develop and implement operational and enterprise governance frameworks
- Perform business impact analysis and assist with development of IT/InfoSec risk register
- Operationalize a metrics and reporting function to continually report on meaningful security, risk and compliance metrics for operational and executive management
- Develop and manage the automation of KPI and KRI reporting that aligns with operational/business risk
- Support the internal and external audit process for relevant compliance concerns and risk management to remediate new and outstanding issues including PCI, SOX, ISO, NIST, Issuers, etc.
- Support the vendor due-diligence process and help to lead and define overall third-party risk management efforts including contracts, performance, etc.
- Perform periodic gap assessments across product lines to validate compliance on an ongoing basis
- Drive remediation activities from identification through remediation plan and closure for various information systems and processes
- Liaise with GPS counterparts for compliance reporting and continually enhance the risk & compliance framework implemented for the project
Benefits
- Pay and Bonuses
- Career Progression
- Reward and Recognition
- Tuition Assistance
- Healthcare Insurance
- Volunteering Opportunities
- Retirement Savings
- New Family Support
- Team-building
- Work-Life Balance