GRC Sr. Systems Analyst - Chicago IL (hybrid)
In this role, you will be responsible for supporting Information Security Governance, Risk Management, and Compliance initiatives and projects. Responsible for maintaining the GRC application including configuration, updating and testing. Assisting GRMC MSSP with resolving any potential performance issues, and upgrades, and assist in the other GRC areas of Governance and Compliance. Support projects, initiatives and programs of the IS Governance, Risk Management, and Compliance team as requested.
- Work with GRC tool Vendor to coordinate the delivery of the GRC tool and ensure the application is available for internal users and has the expected functionality.
- Track activity, changes in progress, and issues noted and communicate status to the GRMC team as appropriate.
- Act as primary support for TruOps application, administration, maintenance, and configuration.
- Troubleshoot and resolve system performance issues.
- Lead and coordinate application upgrades, software updates/patches, and maintenance items. Liaison with the vendor, coordinate with internal personnel, test functionality, update training material and documentation, communicate changes to users, and facilitate discussions.
- Create and maintain workflows for users, based on process flows defined by the business unit.
- Maintain roles and access and control library.
- Assist with the development, configuration, implementation and maintenance of the IS Risk Register.
- Manage the request for platform enhancement and issues with TruOps.
- Maintain awareness of changes in security risks, security measures, and computer systems assessing new requirements for current and emerging compliance regulations.
- Communicate technical and business problems clearly, and timely in a concise manner to a variety of audiences both internal and external.
- Assist in evaluating the effectiveness of controls in place to mitigate threats and communicate remaining residual risk.
- Provide recommendations to leadership on program effectiveness and enhancements. Report and escalate information security risks appropriately and timely.
ABOUT YOU / THE REQUIRED STUFF
- 7+ years of IT Governance Risk Management and/or Compliance (GRC) practitioner experience
- 2+ years of IT Risk Management / Systems Support experience preferred
- Knowledge of Governance, Risk & Compliance fundamentals such as RSA, MetricStream, IBM or TruOps
- Knowledge of regulatory requirements and laws, including but not limited to FFIEC, NCUA, PCI, SOX, HIPAA, Privacy and GLBA. and ISO 27001/2, ITIL or NIST
- Problem-solving skills, with the ability to manage complex local security requirements
- Written and verbal customer service communication skills, and proven ability to translate security and risk to all levels of the business
- Ability to understand legacy and progressive technology including cloud computing and security controls along with respective risk
- Self-motivated and well-organized, with the vision to position controls in anticipation of threats
- Ability to act with integrity, being inquisitive and adaptable
- Ability to communicate in both technical and business terms, clearly and concisely
- Time management, multitasking, task planning and prioritization skills
- Ability to communicate and gather requirements from large number of project stakeholders
- Knowledge of Word, PowerPoint, Microsoft Excel including data macros and the ability to convert data macros to VBA code modules
- Knowledge of Microsoft Access application (code modules, forms, queries, reports, tables, references, settings)
- Knowledge of project management methodology and analytical troubleshooting and support skills
- Ability to multitask in a fast-paced environment and attention to details
- Any of the following certifications: CRISC, CGEIT, CISM, or CISA
Base salary based on experience and ranges between $125,000 - $155,000 + performance bonus + full benes
