Synechron
Public Cloud Risk and Controls Analyst Lead
Synechron, Irving, Texas, United States, 75084
We are
At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron's progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20+ years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,500+, and has 58 offices in 21 countries within key global markets.
Our challenge
We are looking for a highly skilled candidate who would Identify risk, assess residual risk, and coordinate Corrective Action Plan (CAP) completion through collaboration with information security and engineering teams Negotiate with IA (Internal Audit; Third Line of Defence) and ORM (Operational Risk Management; Second Line of Defence), and with Policy Owners when more cloud-friendly policy changes need to be influenced.
Additional Information*
The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Irving, TX is $130k - $140k/year & benefits (see below).
The Role
Responsibilities
:Advise engineers on application of Policy across multiple concurrent technology domains such as compute, container, DB, middleware, etc.Research origins of Policy in Regulations collaboratively with ICRM (Independent Compliance Risk Management)Engage with and lead advocacy efforts with regulators in Asia and EMEA on Public Cloud in partnership with Government Affairs and Regulatory Engagement teams.Design processes for building and maintaining services in Public Cloud with control in mindMaintain continual assessment of Management Controls Assessment (MCA) Efficacy for Public CloudMonitor exceptions to dispute policy and identify common root causes of exceptions.Leverage data to examine impacts to Customer Experience and Regulatory breaks.Appropriately assess risk and demonstrate consideration for the firm's reputation and safeguard Citigroup, its clients, and assets, by:Driving compliance with applicable laws, rules and regulationsAdhering to PolicyApplying sound ethical judgment regarding personal behavior, conduct and business practicesEscalating, managing, and reporting control issues with transparencyInfluence Application Teams on best practices for MCARequirements:
You are:
Undergraduate degree in related field or equivalent experience7+ years relevant work experience in Technology Risk & Controls in a large organization in a heavily regulated industry3+ years relevant work experience in Public Cloud Technology (Amazon Web Services, Google Cloud Platform, Snowflake, MongoDB Atlas, Azure, etc.)MS Excel required. MS Access, SQL a plus.Consistent, clear, and concise written communication skillsAbility to explain concepts consistently to stakeholders, including non-technical audiencesAbility to firmly communicate the requirements and position of Policy that must be satisfiedAbility to see the big picture with high attention to critical detailsDemonstrated ability to develop and implement strategy and process improvement initiativesDemonstrated ability to influence change and common-sense approaches to modern risk complexityDemonstrable interest in Public Cloud risk identification and mitigationStrong collaboration and interpersonal skills.It would be great if you also had:
Experience working directly with regulators of the financial industry in Asia regionally, or Singapore locally.Risk certifications such as the CIA, CISSP, CISA, CRISC, CGEIT, CDPSE, etc.Certifications in Public Cloud such as AWS Certified Cloud Practitioner, or AWS Certified Security SpecialtyExperience working with NIST, COBIT, ITIL, CSA, and/or ISO risk and ITSM frameworksExperience in an influence management discipline such as project management or product managementFamiliarity with DevOps and SRE practicesExperience with cloud infrastructure and data services (compute, storage, networking and others).We can offer you:
A highly competitive compensation and benefits packageA multinational organization with 58 offices in 21 countries and the possibility to work abroadLaptop and a mobile phone10 days of paid annual leave (plus sick leave and national holidays)Maternity & Paternity leave plansA comprehensive insurance plan including: medical, dental, vision, life insurance, and long-/short-term disability (plans vary by region)Retirement savings plansA higher education certification policyCommuter benefits (varies by region)Extensive training opportunities, focused on skills, substantive knowledge, and personal development.On-demand Udemy for Business for all Synechron employees with free access to more than 5000 curated coursesCoaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellences (CoE) groupsCutting edge projects at the world's leading tier-one banks, financial institutions and insurance firmsA flat and approachable organizationA truly diverse, fun-loving and global work culture
S
YNECHRON'S DIVERSITY & INCLUSION STATEMENT
Diversity & Inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative action employer. Our Diversity, Equity, and Inclusion (DEI) initiative 'Same Difference' is committed to fostering an inclusive culture - promoting equality, diversity and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more.
All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant's gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
Candidate Application Notice
At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron's progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20+ years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,500+, and has 58 offices in 21 countries within key global markets.
Our challenge
We are looking for a highly skilled candidate who would Identify risk, assess residual risk, and coordinate Corrective Action Plan (CAP) completion through collaboration with information security and engineering teams Negotiate with IA (Internal Audit; Third Line of Defence) and ORM (Operational Risk Management; Second Line of Defence), and with Policy Owners when more cloud-friendly policy changes need to be influenced.
Additional Information*
The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Irving, TX is $130k - $140k/year & benefits (see below).
The Role
Responsibilities
:Advise engineers on application of Policy across multiple concurrent technology domains such as compute, container, DB, middleware, etc.Research origins of Policy in Regulations collaboratively with ICRM (Independent Compliance Risk Management)Engage with and lead advocacy efforts with regulators in Asia and EMEA on Public Cloud in partnership with Government Affairs and Regulatory Engagement teams.Design processes for building and maintaining services in Public Cloud with control in mindMaintain continual assessment of Management Controls Assessment (MCA) Efficacy for Public CloudMonitor exceptions to dispute policy and identify common root causes of exceptions.Leverage data to examine impacts to Customer Experience and Regulatory breaks.Appropriately assess risk and demonstrate consideration for the firm's reputation and safeguard Citigroup, its clients, and assets, by:Driving compliance with applicable laws, rules and regulationsAdhering to PolicyApplying sound ethical judgment regarding personal behavior, conduct and business practicesEscalating, managing, and reporting control issues with transparencyInfluence Application Teams on best practices for MCARequirements:
You are:
Undergraduate degree in related field or equivalent experience7+ years relevant work experience in Technology Risk & Controls in a large organization in a heavily regulated industry3+ years relevant work experience in Public Cloud Technology (Amazon Web Services, Google Cloud Platform, Snowflake, MongoDB Atlas, Azure, etc.)MS Excel required. MS Access, SQL a plus.Consistent, clear, and concise written communication skillsAbility to explain concepts consistently to stakeholders, including non-technical audiencesAbility to firmly communicate the requirements and position of Policy that must be satisfiedAbility to see the big picture with high attention to critical detailsDemonstrated ability to develop and implement strategy and process improvement initiativesDemonstrated ability to influence change and common-sense approaches to modern risk complexityDemonstrable interest in Public Cloud risk identification and mitigationStrong collaboration and interpersonal skills.It would be great if you also had:
Experience working directly with regulators of the financial industry in Asia regionally, or Singapore locally.Risk certifications such as the CIA, CISSP, CISA, CRISC, CGEIT, CDPSE, etc.Certifications in Public Cloud such as AWS Certified Cloud Practitioner, or AWS Certified Security SpecialtyExperience working with NIST, COBIT, ITIL, CSA, and/or ISO risk and ITSM frameworksExperience in an influence management discipline such as project management or product managementFamiliarity with DevOps and SRE practicesExperience with cloud infrastructure and data services (compute, storage, networking and others).We can offer you:
A highly competitive compensation and benefits packageA multinational organization with 58 offices in 21 countries and the possibility to work abroadLaptop and a mobile phone10 days of paid annual leave (plus sick leave and national holidays)Maternity & Paternity leave plansA comprehensive insurance plan including: medical, dental, vision, life insurance, and long-/short-term disability (plans vary by region)Retirement savings plansA higher education certification policyCommuter benefits (varies by region)Extensive training opportunities, focused on skills, substantive knowledge, and personal development.On-demand Udemy for Business for all Synechron employees with free access to more than 5000 curated coursesCoaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellences (CoE) groupsCutting edge projects at the world's leading tier-one banks, financial institutions and insurance firmsA flat and approachable organizationA truly diverse, fun-loving and global work culture
S
YNECHRON'S DIVERSITY & INCLUSION STATEMENT
Diversity & Inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative action employer. Our Diversity, Equity, and Inclusion (DEI) initiative 'Same Difference' is committed to fostering an inclusive culture - promoting equality, diversity and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more.
All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant's gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
Candidate Application Notice