Compliance and Risk Management Senior Specialist

Compliance and Risk Management Senior Specialist

The IT Compliance and Information Security Analyst provides oversight of IT compliance and regulatory requirements, IT Security and controls, supports the application teams. This role will ensure applications/digital infrastructure remains secure, resilient, and compliant with regulatory standards, play a key role in Second Line of Defense, supporting IT assessments, and remediate gaps. This position provides support for internal and external audit activities while working closely with business partners to identify, assess, and manage IT related risks. Our Company Technology is on an exciting transformation journey, and you will have a great opportunity to help us transform the Security area as well as Compliance and Regulatory requirements

Major Responsibilities Include

Partner with Credit Application Teams to Implement and manage IT Controls

Provide Security & Control consulting to Application teams

Internal Audit and Third-Party Audit Support

Support Credit Internal Controls with IT related controls and deficiencies

Management of Comments identified by the Audit and application teams (development, implementation, and sustainability of Control Improvement Plans)

Conduct reviews of identified IT related audit Comments

Support Application teams with Detailed Risk Assessments and Threat Modeling

Support Vendor Management and Business Owners with due diligence for supplier onboarding

Support Credit Privacy and Compliance Attorneys with IT related regulatory requirements

Monitor GCP-Security Command Center to maintain visibility into the cloud compliance posture

Support Third Party consulting engagements

Maintain accurate JIRA User Stories and Backlog

Ensure the organization meets specific financial industry standards

Experience Required

Senior Specialist Exp: 7+ experience in relevant field.

Experience Preferred

Finance/Bank

Additional Information

Essential skills:

Strong knowledge of company and Industry standard IT Controls and best security practices

Solid understanding of corporate policies (Information Security Policy, Finance Manual, Corporate Directives, etc.)

Understand risk and implement mitigating controls

Knowledge of risk management principles, including risk assessment, mitigation, and reporting.

Strong leadership skills and results oriented

Continuous controls process improvement mentality

Integrity - ability to "stand ground " for correct action and do the right thing

Demonstrated ability to take ownership and accountability of all work and responsibilities

Strong interpersonal and communication skills (written and verbal), with the ability to collaborate effectively

Drafting and updating security procedures based on evolving threats and trends

Excellent interpersonal, collaborative and team building skills

Capable and comfortable working autonomously

Desired Experience

5+ years of progressive experience in information security, IT risk, Compliance, Audit within a financial services or regulated environment.

2+ years of an IT Auditor experience

Preferred candidate will have a proven track record in IT security and controls, demonstrated strong controls mindset

Experience within the Financial Services sector is highly desirable to navigate the complex regulatory requirements

Understanding of Large Language Models (LLMs) and identify opportunities to integrate AI into the compliance lifecycle.

Industry Certifications a plus (e.g., CISA, CRISC, CISM, CISSP)

Required Qualifications

Bachelor's degree in Information Security, Computer Science, Information Systems, Finance, or a related field.