Lead Cloud Risk and Controls Analyst - Synechron Irving, TX, USA Bookmark Share Print 127 0 0

Listing Description

Primary Responsibilities:

• Identify risk, assess residual risk, and coordinate Corrective Action Plan (CAP) completion through collaboration with information security and engineering teams

• Negotiate with IA (Internal Audit; Third Line of Defense) and ORM (Operational Risk Management; Second Line of Defense), and with Policy Owners when more cloud-friendly policy changes need to be influenced

• Advise engineers on application of Policy across multiple concurrent technology domains such as compute, container, DB, middleware, etc.

• Research origins of Policy in Regulations collaboratively with ICRM (Independent Compliance Risk Management)

• Engage with and lead advocacy efforts with regulators in Asia and EMEA on Public Cloud in partnership with Government Affairs and Regulatory Engagement teams.

• Design processes for building and maintaining services in Public Cloud with control in mind

• Maintain continual assessment of Management Controls Assessment (MCA) Efficacy for Public Cloud

• Monitor exceptions to dispute policy and identify common root causes of exceptions.

• Leverage data to examine impacts to Customer Experience and Regulatory breaks.

• Appropriately assess risk and demonstrate consideration for the firm's reputation and safeguard the supported client, its clients, and assets, by:

• Driving compliance with applicable laws, rules and regulations

• Adhering to Policy

• Applying sound ethical judgment regarding personal behavior, conduct and business practices

• Escalating, managing, and reporting control issues with transparency

• Influence Application Teams on best practices for MCA

Qualifications:

• Undergraduate degree in related field or equivalent experience

• Relevant work experience in Technology Risk & Controls in a large organization in a heavily regulated industry

• Relevant work experience in Public Cloud Technology (Amazon Web Services, Google Cloud Platform, Snowflake, MongoDB Atlas, Azure, etc.)

• MS Excel required. MS Access, SQL a plus.

• Consistent, clear, and concise written communication skills

• Ability to explain concepts consistently to stakeholders, including non-technical audiences

• Ability to firmly communicate the requirements and position of Policy that must be satisfied

• Ability to see the big picture with high attention to critical details

• Demonstrated ability to develop and implement strategy and process improvement initiatives

• Demonstrated ability to influence change and common-sense approaches to modern risk complexity

• Demonstrable interest in Public Cloud risk identification and mitigation

• Strong collaboration and interpersonal skills