Regulatory Compliance - System Incident Assessment Control

03 Jul 2024

Vacancy expired!

NO SPONSORSHIP

Senior Associate, Regulatory Compliance

SALARY: $65k - $85k FLEX

LOCATION: CHICAGO, IL / DALLAS, TX

SELLING POINTS: System Incident Assessment Control Development Risk identification mitigation compliance SCI SEC CFTC incident reporting monitor metrics and KPIs 2-3 years compliance risk management audit incident management problem management cloud COBIT NIST COSO ISO CMMI

The Senior Associate (IT/Security) will support the continued development and implementation of the Systems Incident Assessment and Reporting program which includes: management and handling of systems incidents, event classification and impact assessment, corrective action, regulatory reporting, and notification to regulators and other external parties, as well as process documentation (policy, procedure, job aids), control development, and risk identification and mitigation.

This role is highly focused on review of the organization’s compliance with applicable regulatory, legal rules, and requirements (i.e., SEC, CFTC, Federal Reserve, etc.) as they relate to systems incident reporting for SCI entities and other IT/Security groups.

Primary Duties and Responsibilities:
  • Act as an advisor to stakeholders for systems incident analysis related to systems disruptions, compliance issues, and intrusions that impact clearing and settlement processes.
  • Facilitate the response, handling, and reporting of systems incidents in partnership with Legal, Information Technology, Business Operations, etc. to provide adequate and timely notice to the SEC, CFTC, and/or other regulators.
  • After-hours or weekend work may be required to support stakeholders in response to systems incidents.
  • Participate in the design and implementation, as well as execution and management of new workflows for the tracking and monitoring of systems incidents to ensure regulatory timelines are met.
  • Identify and recommend opportunities for process improvements regarding systems incident assessment, management, and escalation processes.
  • Monitor daily systems incident reporting and participate in systems incident recap meetings on a weekly basis, or as needed.
  • Develop, implement, and monitor metrics and KPIs to identify, analyze, and articulate trends resulting from systems incidents.
  • Develop and participate in the facilitation of regular or ad-hoc training to the organization.
  • Provide routine and ad-hoc reporting.
  • Provide assistance and guidance in the assessment and classification of system criticality for Business Applications.
  • Support other departmental activities and initiatives, as required, including assessment of compliance risks, supporting regulatory reporting and compliance reporting, etc.
  • Contribute to the development, maintenance, and continuous improvement of IT and Security processes, remediation of IT and Security related findings or observations, and updates to related policies, procedures, and controls.
  • Interpret policies, laws, and regulations and assist the organization in determining applicability and implementation strategy.

Qualifications:
  • The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
  • 2-3 years of experience in Compliance, Risk Management, Audit, Systems Incident Analysis, Problem Management, Information Security or related field required
  • Excellent organizational, written and oral communication skills.
  • Comprehensive analytical, conceptual, and problem-solving skills.
  • Demonstrated ability to gather, analyze, and evaluate facts and prepare and present concise oral and written reports.
  • Ability to work independently and as a member of a team, collaborating with internal business clients from different departments and at various levels of seniority.
  • Proficiency with MS Office software, GRC tools and web-based reporting tools.

Recommended, but not required:
  • Familiarity with the use of risk and control frameworks, and process improvement frameworks, including for Cloud environments (e.g. COBIT, NIST CSF, NIST 800-53, COSO, ITIL, ISO 27001, ISO 9001, CMMI)
  • Familiarity with Systems Development Life Cycle (SDLC) agile process and Secure Software Development Lifecycle

Technical Skills:
  • [Required] Proficiency with MS Office software | [Preferred] Experience using an integrated risk management system (such as RSA Archer), Document Management tools, and reporting tools
  • Bachelor’s degree or equivalent required

  • ID: #43802089
  • State: Texas, Dallas / Fort Worth 75201, USA
  • City: Dallas / Fort Worth
  • Salary: $65,000 - $85,000
  • Job type: Permanent
  • Showed: 2022-07-03
  • Deadline: 2022-08-20
  • Category: Et cetera