Senior IT Governance Analyst

Location:

Job Summary

The First Line of Defense IT Governance Analyst is responsible for assessing and providing guidance on implementing and managing risk controls within the Enterprise Technology Services business unit. This role ensures compliance with internal policies and external regulations, while maintaining effective governance practices. The Governance Analyst will work closely with various departments to develop and maintain governance practices, liaise on internal audits and external exams, and formulate and implement remediation of findings. This position plays a crucial role in fostering a culture of risk awareness and proactive risk management within the organization.

As an IT Governance Analyst, you will collaborate with a diverse and talented group of professionals, including Business Risk and Controls (BRC), Technology Owning Teams, Enterprise Security Services, IT Service Management, Variance Oversight, Key's Second and Third Lines of Defense, as well as various levels of management.

Responsibilities

• Review risks and controls to support effective oversight and compliance with risk management requirements.
• Partner with Enterprise Technology Services teams to influence the implementation of operational practices, including Standards, Procedures, Metrics and Control Procedures, to mitigate risk within appetite.
• Ensure Enterprise Technology Services IT Standards clearly communicate requirements and are defensible with evidence to be produced upon request.
• Ensure Enterprise Technology Services Metrics are appropriate and measure risk of primary functions within the business unit.
• Assist with audits and regulatory examinations, ensuring clear, thorough and timely responses to inquiries and findings.
• Escalate and report any significant risk issues and facilitate appropriate corrective actions.
• Work across technologies to gain a broad and deep understanding of operational, security and risk controls in order to help pull together both ad-hoc and formal regulatory requests.
• Assist teams through interpretations of security and risks gaps and serve as a consultant to help identify solutions or document existing controls for mitigation.
• Help technology teams define and automate new controls and provide consultation and guidance on existing manual controls that can be updated.

Required Qualifications

• Minimum of 3 years' industry experience, within Operational Risk, Enterprise Risk, Technology Risk, Information Security Risk, External/Internal Audit or in the technology or information security lines of business.
• Bachelor's Degree or equivalent experience.
• Outstanding active listening skills
• Demonstrated ability to work with internal and external auditors and regulators.
• Ability to think strategically coupled with the ability to drive to execution
• Ability to view risk holistically within a dynamic, fast paced team environment
• Practical knowledge of internal controls and applicable techniques for implementation of compliance and legal requirements and operational processes.
• Proficient PC skills with experience in Microsoft Office, Teams, Outlook and, SharePoint Teams, and the proven ability to learn how to use other unique technologies.
• Manage workflows and task assignment to ensure timely completion of work
• Have an execution oriented, process efficiency and continuous improvement mindset
• Possessing intellectual curiosity and a passion for seeking to understand

Preferred Qualifications

• Experience working in the financial services industry and or a risk governance role within a financial institution
• Current and practical knowledge of Technology and/or Information Security activities, challenges, and workflows
• Industry certifications
• Foundational knowledge of Archer GRC preferred

Competencies and Skills

• Demonstrated experience working with regulatory agencies, guidelines and requirements
• Strong ability to work with all levels of management within the company
• Experience working/managing projects across multiple functional areas and dealing with multiple business partners
• Experience working on initiatives that require strategic planning/thinking
• Flexibility to switch priorities based on the needs of the company in a fast-paced environment
• Ability to grasp complex processes quickly and be able to identify risks and compensating controls
• Excellent problem-solving abilities and results oriented; able to make decisions independently
• Proven ability to work as a team
• Strong leadership skills and ability to influence others
• Sound understanding of compliance and operational risks and internal control frameworks
• Strong analytical/research skills coupled with ability to effectively summarize findings
• Excellent oral, written and interpersonal skills
• Excellent organizational skills and meticulous attention to detail
• Self-motivated

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $110,000.00 to $125,000.00 annually depending on job-related factors such as level of experience. Compensation for this role also includes eligibility for short-term incentive compensation and deferred incentive compensation subject to individual and company performance. Please click here for a list of benefits for which this position is eligible

Please click here for a list of benefits for which this position is eligible.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.