Commack, NY, United States - Corporate/Back-Office - Posted Mar 3, 2020
Requisition Number: 20000006
The IT Governance, Risk and Compliance (GRC) Analyst, Senior is responsible for executing tasks and participating in projects in support of IT's governance, audit, risk and compliance framework, policies and processes. Under limited direction, audits and assesses risk on the most complex new and existing information systems applications to ensure that appropriate controls exist, that processing is efficient and accurate, and that information systems procedures are in compliance with corporate standards. Understands IT GRC (Governance, Risk and Compliance) concepts, practices, and procedures at the highest levels.
Participates in all aspects of audit activities including risk assessments, planning, testing, control evaluation, documentation, report drafting, issue clearance with technology stakeholders, and follow-up/verification of issue closure. Identifies risks, designs controls and creates testing procedures. Participates in both standalone technology and business integrated audits. Monitors various projects with major application development initiatives, and performing continuous risk assessments of coverage areas. Generates and maintains reporting to accurately reflect the current state of the program to senior management and regulators, while partnering with the Operational Risk Management team to ensure alignment of the NYCB IT risk control and self-assessment with the larger business risk control and self-assessment program and goals. Partners with Audit team members in other business areas to ensure the delivery of a seamless program of control and audit risk coverage. Conducts quality assurance reviews of risk control and self-assessments. Partners with IT teams to identify and correct process control design and execution issues. Facilitates GRC activities as needed with examiners (FDIC). Participates and facilitates monthly, quarterly and annual review activities. Contributes to the continued development of internal controls awareness within the IT organization. Facilitates IT SOX policies, narratives, and control self-assessment documentation. Creates and maintains IT control documentation. Manages application permission review campaigns. Develops recommendations to improve the IT internal control environment. Facilitates the remediation of IT internal control deficiencies. Participates in risk assessment activities across the IT organization, including 3rd party technical risk assessments. Participates in risk management, compliance, and internal control initiatives as needed. Performs technical research on risk topics. Keeps current on latest technologies and best practices relative to their area of responsibility. Recognizes and recommends areas needing improvement. Participates in the development of IT strategies in collaboration with IT peers and the executive team. Ensures compliance with corporate and IT policies and procedures. Integrates corporate methodologies and standards, as appropriate. May provide guidance/training to more junior staff. Performs special projects, and additional duties and responsibilities as required. Where applicable and when performing the responsibilities of the job, employees are accountable to maintain Sarbanes-Oxley compliance and adhere to internal control policies and procedures.
EDUCATION AND EXPERIENCE
Bachelor's degree in Technology, Accounting, Finance or Business or equivalent relevant work experience. Five (5) to eight (8) years of internal controls, audit, information security, risk management or technology process experience. CISA/CISSP/PMP preferred. Financial services experience preferred. Experience with compliance and/or control frameworks preferred. Experience with Sarbanes-Oxley compliance preferred.
KNOWLEDGE, SKILLS AND ABILITIES
Knowledge of COBIT and COSO and Sarbanes Oxley legislation and impact, and other regulations. Basic understanding of key IT impacting banking regulations and standards such as GLBA and PCI. Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information. Strong verbal and written communication skills. Solid understanding of industry standard IT general controls. Demonstrated facilitation and project management skills. Willingness to learn. Understanding of business process controls preferred. Computer literate with proficiency in Windows 7, Microsoft Office and Microsoft Project. Excellent planning, time management, and follow through skills. Independent/self-starter. Excellent problem solving skills. Ability to adapt to changing requirements. Ability to document processes, roles, key decisions, and other work session outputs. Attention to detail and ability to implement. Ability to influence others preferred. Ability to maintain organizational relationships with both business and IS. Ability to maintain organizational respect and trust. Ability to handle multiple tasks concurrently. Ability to rely on experience and judgment to plan and accomplish initiatives. Ability to serve as a resource to others in the resolution of complex problems. Ability to delegate and review the work of employees. Ability to maintain a professional composure with clients in difficult situations. Ability to maintain confidentiality with regard to customer information and employee records.
ABOUT NEW YORK COMMUNITY BANK
Based in Westbury, NY, New York Community Bancorp, Inc. is the parent of a New York State-chartered bank - New York Community Bank. At September 30, 2019, the Company had assets of $52.5 billion, deposits of $31.6 billion, and stockholders' equity of $6.7 billion.
Our bank subsidiary features a divisional structure. New York Community Bank serves customers through 239 branches encompassing eight divisions: Queens County Savings Bank, Roslyn Savings Bank, Richmond County Savings Bank, Roosevelt Savings Bank, and Atlantic Bank in New York; Garden State Community Bank in New Jersey; Ohio Savings Bank in Ohio; and AmTrust Bank in Florida and Arizona. With a longstanding reputation of strength, stability and service, NYCB is proud to be committed to the communities it serves.
Branch Out and help recruit top talent for NYCB through the employee referral program. All NYCB employees are encouraged to submit referrals. Locate top talent right in the community where you live, work and play. Amazing individuals are all around be sure to let them know how they can become a part of the NYCB family.
NYCB is an equal opportunity employer that prohibits discrimination in hiring or terms and conditions of employment on the basis of race, color, age, sex, national origin, ethnicity, religion, marital status, disability, military status, veteran status, domestic violence victim status, gender identity or expression, sexual orientation, genetic information or any other classification protected by the federal, state, and local laws and ordinances.
This policy is applicable to all terms and conditions of employment including, but not limited to: recruitment and selection, promotion and demotion, transfer, training and development, compensation, benefits, leaves of absence and termination. When necessary, NYCB will reasonably accommodate employees and applicants with disabilities or with religious requirements necessitating accommodation.
In addition, NYCB complies with all applicable laws which govern nondiscrimination in employment in every location in which NYCB does business.