Compliance Risk Analyst Job Description
Compliance risk analyst
provides ongoing maintenance of TFS’ Compliance Management System that is designed to ensure compliance with applicable local, state and federal laws, rules and regulations.
Compliance Risk Analyst Duties & Responsibilities
To write an effective compliance risk analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included compliance risk analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Works with internal and external stakeholders across GW to improve processes, mitigate risks, and remediate vulnerabilities
Works closely with the security operations team, application security team, and system owners to coordinate, track and remediate known vulnerabilities
The Risk and Compliance Analyst supports security processes by reviewing scans of all critical assets, performing ticketing, remediation, and follow-up on all reported critical/high vulnerabilities
Requests the deployment of additional scanners and other resources as needed
Supports the Division of IT Risk Management Standard and application security program
Works with selected vendors as a liaison with stakeholders throughout the University to identify and mitigate risks
Serves as a security consultant for new and existing GW projects
Supporting all areas of the risk and compliance portfolio, including security awareness, PCI compliance, and research compliance by writing reports, communicating with stakeholders, and collaborating with the security operations team
Assist in SOX compliance programs to help meet Corporate Accounting requirements
Supports deployment of best practices in compliance and risk management across line of business
Compliance Risk Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Compliance Risk Analyst
List any licenses or certifications required by the position: CISA, CISSP, CISM, CRISC, CRCM, GSEC, ATO, CIA, ISO, ITIL
Education for Compliance Risk Analyst
Typically a job would require a certain level of education.
Employers hiring for the compliance risk analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Finance, Business, Computer Science, Accounting, Sound, Graduate, Information Systems, Management, Criminal Justice, Education
Skills for Compliance Risk Analyst
Desired skills for compliance risk analyst include:
English
Applicable Compliance rules and procedures in general
French
French and Dutch
Interested in getting to know the bank's structures
Processes and governance requirements related to Compliance Risk Management
Federal and state banking laws and regulations
Bank operations
Banking operations
Relevant soft ware applications
Desired experience for compliance risk analyst includes:
Capable of working independently, in team / collaborative settings
Fundamental understanding of risk-based information security management, knowledge of applicable regulations, standards, and guidelines pertaining to information assurance (FIPS, NIST, ISO Standards)
Consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management)
Familiarity with privacy laws, data protection/security regulations, and frameworks, such as BITS, SOC 2, COBIT
Performing IT self-assessments
3-6 years of risk management and/or internal control experience including experience as an IT auditor or examiner
Compliance Risk Analyst Examples
1
Compliance Risk Analyst Job Description
Job Description Example
Our company is looking for a compliance risk analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for compliance risk analyst
- Analyze MPL (Master Product List) and identify deals that are breaking on Product code
- All work performed is moderately supervised
- Coordinate flow of information between various risk committees and model stakeholder groups
- Monitor remediation plan efforts
- Monitor results of model testing and review by Model Owners
- Assemble committee report packets and Top Risk scorecards
- Administer various program sites and databases
- Assemble standard and adhoc reporting
- Assist with program compliance by reviewing new and existing regulatory standards
- Track issues and MRA responses
Qualifications for compliance risk analyst
- Integrate with a team of skilled information technology security professionals demonstrating competence in the application of the security authorization guidelines and procedures
- Communicate and present to stakeholders on the FISMA compliance status of your assigned systems
- Work with the FISMA Tool IACS/Xacta to develop SA related documentation and track POA&M and vulnerability status
- Demonstrate knowledge of the NIST 800 publications governing the FISMA Act
- Ability to manipulate data in order to conduct sound and accurate analysis regarding output in the capabilities listed above
- Ability to learn and assist in managing TSA-specific FISMA Compliance dashboards and applications
2
Compliance Risk Analyst Job Description
Job Description Example
Our company is hiring for a compliance risk analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for compliance risk analyst
- Maintains expertise on security trends through training, research and development in order to mitigate potential security exposures
- Develop and utilize collaborative networks with key contacts within and outside of their immediate organization
- Reviews existing and helps facilitate the development and documentation for new TO Policies and Standards
- The Analyst will be involved in all areas of IT Risk & Compliance
- The Analyst performs risk assessments for IT
- Collect and update policy, procedure and/or process documents, preferably in a GRC tool such as Allgress, Archer
- Ensures overall compliance with regulatory requirements, including but not limited to PCI, SOX, HIPAA
- Conducts assessments to identify gaps and make sound recommendations for improvement
- Assists with the build out of an enterprise GRC technology platform
- Conduct routine review & analysis of bank customers (individuals/entities), related parties (owners, board of directors, executives) and/or transactions that present a low degree of complexity and risk to determine appropriateness for organization
Qualifications for compliance risk analyst
- Proven, in-depth technical knowledge of Information Security principles and process and writing IT policy preferred
- Possesses Awareness of auditing standards and frameworks
- Experienced in all aspects of project governance, security and integrity management
- Certified Information Systems Auditor (CISA) and Information Technology Infrastructure Library preferred preferred
- Ability to work independently in a team environment including multi-level staff and external partners
- Bachelor's degree in Computer Information Systems, Information Technology, or related field is required
3
Compliance Risk Analyst Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of compliance risk analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for compliance risk analyst
- Administers and completes complex tasks such as data gathering or manipulation, system or process creation and implementation
- Performs analysis and reviews risk data providing insightful recommendations and opinions
- Creates complex reports for meeting with Federal Examiners, internal and external auditors, and with clients
- Participates and may lead training and the work of complex projects
- Review account reconciliations and journal entries based upon understanding of risks
- Ensure issues and associated root causes are understood and well defined
- Run and distribute recurring reports
- Develop, document, and execute compliance audit reporting in partnership with more senior team members
- Analyze reports for trends and issues
- Modify existing reports as directed
Qualifications for compliance risk analyst
- 2+ years of experience collaborating in teams and working within the areas of Internal Audit, Technology Governance, Risk Assurance, and/or Internal Controls
- Familiarity with COSO/COBIT internal control framework a plus
- Document findings and track to remediation using GRC tool
- Review documented IT security controls
- Interview internal control owners to determine how controls are implemented
- Provide feedback to control owners in regards to IT security controls
4
Compliance Risk Analyst Job Description
Job Description Example
Our company is growing rapidly and is hiring for a compliance risk analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for compliance risk analyst
- Consult and partner with the Corporate Technology Group in the implementation of new processes and enhancements to existing pre- and post-trade compliance monitoring, reporting, and trading systems
- Work closely with internal and external auditors, regulators, and examiners to coordinate documentation requests, reports, and assurance letters
- Participate in information security awareness and training initiatives
- Assist in tracking and maintenance of action plans for the resolution of issues identified during assessment and audits
- Serves as subject matter expert in specialized aspects of information security and emerging and advanced technologies
- Supports enterprise in all aspects of information security administration
- Consults with IT and business units on the purchase and/or design of complex and/or strategically significant information security projects, emerging technologies, or technology-related services before they are implemented
- Analyzes business data use processes against vulnerabilities and threats and counsels business units on consequences
- Collaborates with cross-functional teams responsible for information systems security to ensure the confidentiality, integrity, and availability of data stored, processed and transmitted
- Engages with operating, storage, regulatory, engineering, HR, legal, and training units to evaluate and implement security process for critical infrastructure and key resources
Qualifications for compliance risk analyst
- Direct experience with audit frameworks, including SSAE 16 SOC 2 and SOX
- Familiarity with industry-standard security frameworks, including ISO 27001 and NIST 800-5
- Self-motivated with the ability to seek out and engage with people in the organization
- Flexible and collaborative with peer
- 1-3 years of related experience within professional services IT
- Experience with data analysis applications such as ACL, SQL, or Access preferred
5
Compliance Risk Analyst Job Description
Job Description Example
Our company is hiring for a compliance risk analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for compliance risk analyst
- Maintain knowledge of, and contribute to, IT General Controls, SOC 1&2 controls, and ISO 27000 security controls
- Work with auditors and vendors who support security maturity development, and with internal and external auditors
- Lead or participate in various security, risk management, and other initiatives
- Develop/implement IT security training and awareness for both technical and non-technical audiences
- Develop policies and procedures as they relate to IT security and risk management
- Effectively communicate new policies and procedures to relevant employees
- Provide guidance on standards and regulations, such as PCI DSS, EU GDPR, and FDA CFR that can be easily understood by the businesses
- Assist in data protection program initiatives
- Evaluate effectiveness of existing controls and determining the impact of proposed changes to business processes, applications and systems
- Communicate identified security risks to appropriate parties to ensure a clear understanding of the risks potential mitigations
Qualifications for compliance risk analyst
- Willingness to travel 40-90% within national and global travel expectations
- BA/BS in Business Administration, Accounting, Computer Science, Information Systems Administration, Engineering or related field
- Proven ability to work independently, collaboratively, in day to day work, work on projects, and other assignments
- Experience with an industry accepted GRC platform such as Archer, Keylight, MetricStream
- Proficient in Microsoft Office Applications, Excel, Word, Access
- Bachelor’s Degree or higher strongly preferred with experience in Internal Audit (IT Audit preferred), IT Risk & Compliance, or Information Security