IT/IS Risk Assessment/Compliance (SOC 2/Financial Services) – Top $$
Our client, a highly successful financial services firm with operations throughout the US, is actively recruiting for a very sharp, knowledgeable and insightful Analyst to join its IT Compliance team. This is a critical role and company will pay industry leading wage to attract a star. Position can be located in its Raleigh headquarters or its Greensboro office.
This company is the leader in its industry; it provides a wide range of services to the financial services sector, with particular strength in insurance and reinsurance. The Risk Management group is responsible for ensuring that the proper protocols are in place to minimize data security risks, and that those protocols are being followed. This Analyst will be instrumental in that effort.
Key Things to Note:
- Company is in high growth mode, and is expanding its Information Security efforts. Seek candidate who will bring the knowledge, ingenuity and initiative to contribute to this trailblazing function.
- Company is subject to SOC 2 Type 2 assessments. Related exposure, including pre-engagement prep, is essential.
- The company employs certain key 3rd party vendors to manage various aspects of its data. Experience with security assessments of vendors will be critical.
- Role will involve extensive interface with a wide range of constituents. Right candidate will combine outstanding technical savvy with refined communication skills (both verbal and written).
Role will involve performing risk and control assessments across the enterprise to understand if controls are functioning effectively. The role requires technical, business, and risk evaluation capabilities, and we seek a well-rounded candidate who brings it all.
Specific duties will include:
- Obtain and analyze information required for planning, scoping, and risk-assessing the review and /or conducting assigned IT risk and control testing in execution of the Compliance Program
- Assist in leading Sarbanes-Oxley and Audit testing, record results, and report key findings to management
- Participate on teams to ensure that areas related to compliance or any remediation efforts are addressed
- Assist with developing compliance audit procedures, supporting tools, and reports to evaluate risks and controls
- Draft audit findings for inclusion in audit reports and perform subsequent follow-up procedures against Exception Requests and Gaps to ensure proper closure and resolution
- Work with business partners to develop cost-effective action plans to improve the control environment and operating effectiveness while maintaining compliance
- Advocate for the adoption of policies and procedures that maximize controls in the operation of the business
- Assist with leading audit engagements (IAD, Customer, regulator and external auditor) following steps outlined in detailed audit programs, including identifying and assessing risks, and documenting findings in work papers
Targeted candidate will offer a related Bachelor’s degree (Masters preferred) and 3+ years of IT Compliance/Risk Management experience, ideally in the financial services sector.
Other priorities include:
- Familiarity with SOC 2 Type II engagements
- Knowledge of auditing standards (IIA and ISACA) on the COBIT framework
- Understanding of information security and audit principles and best practices, including ISO 27001
- Superb communication skills
- CISA/CIA Certifications, preferred
- Longevity and impact in previous roles
Finally, and critically, we seek a go-getter who is ready and able to contribute in this high expectations, highly dynamic setting. The company is experiencing exponential growth in a high risk industry. We seek a resourceful, focused, knowledgeable and can-do candidate who can bring value. Growth potential is enormous.
Please forward Word resume for prompt consideration. Local candidates strongly preferred.