IT Internal Control Testing Senior Analyst for City National Bank in Los Angeles, CA (Starting base salary: $108,305 - $140,688 per year.)
WHAT IS THE OPPORTUNITY?
The IT Internal Control Testing Senior Analyst will perform risk-based testing activities that independently evaluate the design and effectiveness of controls and further assist with the enhancement and execution of the first line of defense Internal Control Testing and Monitoring for AI&O. This role will primarily support the identification and mitigation of regulatory risk and operational issues and will also assist in the maintenance of operational and key control procedures.
Key mandates for this role:
- Executing control testing that evaluate the design and operating effectiveness of CNB's first line key controls
- Analyzing, aggregating, and articulating the results/issues/recommendations related to control testing activities
- Maintaining a thorough understanding of CNB's Internal Controls Management Policy, control testing methodologies, and related regulatory and compliance standards
- This requires routinely authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information.
- As a Subject Matter Expert (SME), responsible for executing the CyberSecurity Control Assessments and provide recommendation on identified gaps for the changes/modification of Control Design, Process/Product design, configurations of the platforms to achieve compliance.
The IT Internal Control Testing Senior Analyst is also responsible for performing control testing for all of CNB's first line key controls. This is a key strategic and integral role for the overall success of Infrastructure Compliance within AI&O. This dynamic position provides opportunities for working across CNB, including across AI&O, 2LOD and internal audit. The IT Internal Control Testing Senior Analyst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, control hygiene of the environment, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a risk posture within the bank's overall risk appetite.
This is an advanced senior professional with wide ranging experience uses professional concepts and to resolve complex issues in creative and effective ways. Serves as an expert in own discipline or area of specialization. Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
Technology and Innovation Division
As a member of City National's Technology & Innovation group, you will drive, develop, and maintain solutions for clients and colleagues. This is an exciting time of technology advancement and innovation across the bank, particularly within our technology teams.
WHAT WILL YOU DO?
- Perform complex internal control monitoring and testing for Architecture, Infrastructure & IT Operations (AI&O) department across service domains (hosting, middle tier, end user, cloud, service management) adhering to an established schedule. Participate in all phases of the internal control monitoring process including planning, testing, evaluating risk, identifying mitigating controls, developing conclusions, writing reports and maintaining work papers.
- Assess residual risk within subject specialty area to evaluate the design and effectiveness of security controls.
- Responsible for executing Control Assessments (i.e. Testing) that evaluate the design and operating effectiveness of AI&O's first line Key Controls; May act as designated lead tester/reviewer of control testing engagements.
- Monitor all open internal control findings and issues until satisfactorily resolved. Escalate status as warranted. Conduct formal follow-up to determine the adequacy and effectiveness of actions taken. Prepare reports of results for senior management.
- Act as a liaison with 2LOD, prepare documents, analyze, aggregate, and articulate results/issues/recommendations related to monitoring activities and regulatory exams.
- Maintain current knowledge of legislative developments, State and Federal laws and regulations as well as regulatory guidance and industry best practices.
- Recommend changes and/or enhancements to policies and procedures, as well as, develop the necessary training.
- Assist with data collection and responses for regulatory exams, internal and external audit. Partnering with internal senior management on remediation plans from exams/audits.
- Handles special projects as assigned and liaise across interdepartmental teams on projects and deliverables related to exam/audit, monitoring, and testing findings.
- Maintain a thorough understanding of CNB's Internal Controls Management Policy and Standards, control testing methodologies, and related regulatory and compliance standards, including but not limited to enterprise risk management, data governance, third party risk management, model risk management, business continuity, fraud risk management, and associated regulations, guidance, and regulatory expectations
- Exhibit high attention to detail in analyzing, aggregating, and articulating the results/issues of control testing activities and value-add opportunities for improvement of Key Controls to CNB Senior Management and other stakeholders
- Develop robust and scalable testing modules, scripts, and other guides including testing approach for evaluating the effectiveness of AI&O's first line Key Controls to mitigate key risk exposures related to regulatory requirements and CNB risk policies and standards.
- Support development, implementation, and continuous improvement of tools, templates, and best practices that support control testing and reporting activities.
- Create narratives and flowcharts from walkthroughs with first line staff and management in all divisions, confirming key controls.
- Exhibit high attention to detail in documentation of control evaluation work papers and remediation of reviewer's commentary
- Contribute to the articulation of results/conclusions/memos of control testing activities and communicate to key stakeholders across CNB
WHAT DO YOU NEED TO SUCCEED?
Must-Have
- Minimum 12 years of IT Operations and Technology experience
- Minimum 6 years experience in IT risk management, IT Operations and Technology domain.
- Minimum 6 years of experience in controls testing, internal audit, quality control roles, or other complimentary capacities, preferably within the financial services industry, a public accounting firm, or with a financial institutions regulator,
- Minimum 4 years of experience in the financial services industry
Skills and Knowledge
- Prefer experience with Common Controls Hub / Unified Compliance Framework
- Prefer 5 years of experience working in technology environments consisting of hybrid cloud and multiple technology domains.
- Preferred Certifications: CRISC - Certified in Risk and Information Systems Control, and / or CISSP - Certified Information Systems Security Professional
- Knowledge of FINRA, SEC, MSRB, FRBNY and OCC rules and regulations
- Strong critical thinking, problem-solving and creative skills.
- Strong time management skills
- Experience with operating in a highly matrixed environment
- Demonstrated experience supporting risk projects across multiple technology domains
- Excellent analytical and complex problem-solving skills
- Excellent interpersonal and professional communication skills.
- Demonstrated ability to adapt to changes in business needs, strategy, and priorities.
- Strong knowledge of rules, regulations and compliance requirements for the financial services industry concerning hybrid cloud and multiple technology domains specific to the areas of oversight
- Ambitious, decisive, and able to prioritize multiple deliverables and work under tight deadlines
- Familiarity with banking regulatory requirements for IT operations.
- Experience tracking and coordinating large and complex processes.
- Ability to work independently and in a team environment.
- Strong organizational/time management skills and multi-tasking abilities.
- Ability to maintain attention to detail.
- Ability to prioritize and manage duties to meet goals and deadlines.
- Ability to manage multiple projects, be flexible and work with ambiguity.
- Ability to work with a strong sense of urgency.
- Customer-focused with ability to empathize with customer.
- Ability to maintain confidentiality when exposed to sensitive information.
- Proficiency of Microsoft Office programs including: Word, Excel, Outlook etc.
- Ability to manage numerous tasks and projects simultaneously and prioritize work in a highly deadline-intensive environment
For more Info.: https://theucf.info/IdBkie