Talent Gathers Here
Posted: 02-Jan-23
Location: Salt Lake City, Utah
Salary: Open
Internal Number: 10280_060501
Zions is a seeking an IT control professional to support the Control Program within Operational Risk Management (ORM). Working in Operational Risk Management is a unique opportunity to work with leadership and teams across the Bank, gain exposure to the broad scope of the bank and its operations, and prepare updates for Executive leadership and the Board on Operational Risk control testing and on the Bank's risk/control environment.
The IT Control Program Analyst is responsible for supporting the technology control program across the control management lifecycle (risk identification, control creation, testing (test of design and test of effectiveness), control monitoring, maintenance, retirement, and reporting. The IT Control Program Analyst will work closely with, and support, the Bank's Risk and Control Self-Assessments (RCSAs) and perform ad hoc risk and control projects. The Program Analyst supports maintenance of control information within the Governance, Risk, and Compliance tool, and provides guidance and reporting to managers and executive committees. The Program Analyst provides the technical and analytic skills, and critical thinking needed to enhance Zions Bancorporation's risk/control environment, carry out the Risk Management framework, and support the Bank's customer experience, operational excellence, efficiency, and profitability.
Responsibilities include those listed below:
- Identifies and assesses key risks and controls (e.g., Technology, operational, compliance, financial reporting, etc.)
- Analyzes risk and control data to provide insights to management and other risk stakeholders, including executive management
- Supports IT controls across the control management lifecycle (risk identification, control creation, testing (test of design and test of effectiveness), control monitoring, maintenance, retirement, and reporting.
- Complete IT control testing for compliance engagements and apply techniques to obtain evidence of control operation directly where possible.
- Perform ongoing research to investigate vulnerabilities and technologies that impact the technology environment.
- Makes updates to the technical controls in RSA Archer, the Bank's governance, risk, and compliance (GRC) tool.
- Maintains control program governance documents, including the Enterprise Control Management Program and department procedures
- Drives continuous improvements to enhance and streamline process efficiencies and automation for the business and for Risk Management, including control program test centralization
- Drives efficiencies and effectiveness in the Bank's IT control inventory
- Keep abreast of the cyber and data security threat landscape
- Enhances the COSO assessment approach, facilitates the assessment and reports on COSO assessment results
- Other duties as assigned
Qualifications:
- Bachelors in Accounting, Finance, Business Administration, Economics, Risk Management, Technology, Information Security or a related field.
- Familiarity with Information Security, Identity and Access Management, Data Governance, Application Development and IT infrastructure principles, policies and procedures is essential.
- Knowledge of Technology, Data and Cyber risks, technical control formation and implementation.
- Application and Information Technology general controls testing experience.
- 1-4 years of IT audit, risk management, technology, or compliance in financial services or other directly related experience. Some experience with Penetration Testing is preferred.
- Demonstrated ability to communicate effectively and report test results to key stakeholders.
- Certified Information System Auditor (CISA) and or Certified Information System Security Professional (CISSP) certification is preferred.
- Process improvement and/or automation skills.
- Knowledge of various bank and government regulatory requirements, including OCC, FFIEC, SEC, COSO, COBIT, NIST, etc.
- Ability to effectively work on a team and identify and support innovation opportunities.
- Knowledge of risk and control assessment and testing techniques.
- Proven problem-solving, root cause, analytic, and/or benchmarking experience
- Must have excellent presentation and communication skills (oral and written), and strong project management skills
- Knowledge of Microsoft applications (strong Excel and PPT skills) and database, analysis, and reporting tools, including MS Power BI.
- Interpersonal, teamwork and problem resolution skills
- Process mapping experience (IBM Blue Works Live a plus)
Benefits:
- Medical, Dental and Vision Insurance - START DAY ONE!
- Life and Disability Insurance, Paid Parental Leave and Adoption Assistance
- Health Savings (HSA), Flexible Spending (FSA) and dependent care accounts
- Paid Training, Paid Time Off (PTO) and 11 Paid Federal Holidays, and any applicable state holidays
- 401(k) plan with company match, Profit Sharing, competitive compensation in line with work experience
- Mental health benefits including coaching and therapy sessions
- Tuition Reimbursement for qualifying employees enrolled in an accredited degree program related to the needs of the business, maximum of $5,250 per calendar year, employees are eligible for the program upon hire
- Employee Ambassador preferred banking products
