Antares Capital
IT Risk and Compliance Analyst
Antares Capital, Chicago, Illinois, United States, 60290
JOB DESCRIPTION
At Antares, our IT Risk and Compliance team is essential in safeguarding our organization by ensuring adherence to internal and external regulatory standards while mitigating potential risks in our technology landscape. We play a pivotal role in integrating risk management practices that align with our strategic business objectives, enhancing the security and compliance of our technology operations.
We are seeking an IT Risk and Compliance Analyst to support our senior IT professionals with a strong focus on documentation creation and management. Reporting to the VP-IT Risk and Compliance Lead, you will be hands-on in preparing, reviewing, and maintaining critical compliance and control documentation, assisting in risk related deliverables and projects, and ensuring alignment with internal and external regulatory requirements. You will also contribute to the development of risk management strategies, collaborate closely with various departments, and ensure that compliance activities are accurately documented and maintained in an organized manner. This position is crucial in helping Antares maintain the integrity and security of its technology operations.
RESPONSIBILITIES:Participate in Change Advisory Board (CAB) meetings to review proposed changes to IT systems, applications, and infrastructure, ensuring required documentation, testing and approvals are submitted.Ensure changes are implemented in a controlled and coordinated manner to minimize disruptions and maintain technology/business integrity.Assess the impact of proposed changes on operational resilience, cybersecurity controls, and disaster recovery plans.Help track and report on incidents caused by changes implemented.Document and maintain comprehensive IT DR plans, including recovery procedures, roles, and responsibilities, ensuring clear communication channels during incidents.Create and maintain plans for the recovery of IT systems, data, and infrastructure in the event of disasters.Assist in the development and maintenance of IT policies, standards, risk assessments, risk mitigation strategies, IT controls, and compliance documentation. Develop workflows where required and embed them into day-to-day activities.Prepare, organize, and review IT documentation and controls, ensuring accuracy and adherence to agreed requirements.Coordinate with IT, Internal Audit, Enterprise Risk Management, and other teams to ensure compliance and risk documentation meets required standards and tasks are completed within agreed timeframes.Prepare reports and summaries for internal and external audits and track action items related to IT risk and compliance.Collaborate with IT, Cybersecurity, Legal, and Compliance teams to manage and mitigate IT risks.Support third-party risk management by assessing vendors' IT policies and procedures.Help track and report on incidents related to IT risk, cybersecurity, and compliance.Assist in the implementation of IT controls, including control design, testing, and remediation.Participate in special projects related to risk, IT controls and compliance.Provide support in organizing IT risk management awareness programs and training sessions.QUALIFICATIONS
Required:
Bachelor's degree in computer science, information systems, business administration, or a related field.5+ years of experience in IT risk management, compliance and controls, with a focus on documentation.Strong attention to detail and organizational skills.Experience in documentation management within an IT risk or compliance environment.Working knowledge of technical environments and understanding of software development life cycle.Working knowledge of Azure Dev Ops, Service Now, SharePoint, Monday.com and Microsoft Office suite.Working knowledge of Visio or Lucid chart to create or update process flows.Preferred:
Professional certification in risk management or compliance (e.g., CRMA, CCEP).SKILLS:
Understanding of basic IT infrastructure components such as servers, databases, and networks.Knowledge of cloud environments (e.g., AWS, Azure) and related security practices.Understanding of IT change management processes (e.g., ITIL framework).Ability to assess potential security and operational impacts of changes to IT systems, applications, and infrastructure.Knowledge of change control tools (e.g., ServiceNow, Azure DevOps, Jira).Proficiency in incident tracking and management tools (e.g., Jira, Remedy).Ability to document incidents, follow up on action items, and generate reports for senior management.Knowledge of disaster recovery planning, including identifying critical systems and data recovery strategies.Familiarity with business continuity planning (BCP) processes.Ability to document and communicate DR and COB plans, including roles, responsibilities, and procedures.Foundational knowledge of cybersecurity principles, such as access management, data protection, network security, and incident response.Ability to assess IT risks, identify potential threats, and propose mitigation strategies.Familiarity with cybersecurity frameworks like ISO 27001, NIST Cybersecurity Framework (CSF).Understanding of IT regulatory requirements (e.g., GDPR, SOX).Proficiency in document management systems and Microsoft Office Suite (especially Word and Excel).Excellent written communication skills with the ability to draft clear and concise documentation.Ability to organize and maintain large volumes of documentation accurately.Analytical skills to interpret data and support risk assessments.COMPETENCIES
Attention to Detail : Ensuring all documentation is accurate and compliant with regulations.Responsibility : Demonstrating reliability and accountability in managing critical documentation.Integrity : Upholding ethical standards and maintaining confidentiality of sensitive information.Teamwork : Collaborating effectively with colleagues across departments to ensure comprehensive documentation.Time Management : Efficiently organize and prioritize tasks to meet deadlines.Communication : Effective written and verbal communication skills, particularly in documentation.THE FINE PRINT
Must have unrestricted authorization to work in the United States.Must be willing to comply with pre-employment screening, including but not limited to drug testing, reference verification, and background check.Must be willing to work from the Chicago or New York office and travel as necessary.
New York City Only: salary ranges are specific to market location; the salary range for this position is USD $130,000 to $150,000 and eligible for annual bonus. Antares takes into consideration an individual's background, training, transferable skills, business needs, experience and market demands in determining final salary.
Antares is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
#LI-hybrid
#LI-CK1
To learn more, visit www.antares.com. Antares is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
At Antares, our IT Risk and Compliance team is essential in safeguarding our organization by ensuring adherence to internal and external regulatory standards while mitigating potential risks in our technology landscape. We play a pivotal role in integrating risk management practices that align with our strategic business objectives, enhancing the security and compliance of our technology operations.
We are seeking an IT Risk and Compliance Analyst to support our senior IT professionals with a strong focus on documentation creation and management. Reporting to the VP-IT Risk and Compliance Lead, you will be hands-on in preparing, reviewing, and maintaining critical compliance and control documentation, assisting in risk related deliverables and projects, and ensuring alignment with internal and external regulatory requirements. You will also contribute to the development of risk management strategies, collaborate closely with various departments, and ensure that compliance activities are accurately documented and maintained in an organized manner. This position is crucial in helping Antares maintain the integrity and security of its technology operations.
RESPONSIBILITIES:Participate in Change Advisory Board (CAB) meetings to review proposed changes to IT systems, applications, and infrastructure, ensuring required documentation, testing and approvals are submitted.Ensure changes are implemented in a controlled and coordinated manner to minimize disruptions and maintain technology/business integrity.Assess the impact of proposed changes on operational resilience, cybersecurity controls, and disaster recovery plans.Help track and report on incidents caused by changes implemented.Document and maintain comprehensive IT DR plans, including recovery procedures, roles, and responsibilities, ensuring clear communication channels during incidents.Create and maintain plans for the recovery of IT systems, data, and infrastructure in the event of disasters.Assist in the development and maintenance of IT policies, standards, risk assessments, risk mitigation strategies, IT controls, and compliance documentation. Develop workflows where required and embed them into day-to-day activities.Prepare, organize, and review IT documentation and controls, ensuring accuracy and adherence to agreed requirements.Coordinate with IT, Internal Audit, Enterprise Risk Management, and other teams to ensure compliance and risk documentation meets required standards and tasks are completed within agreed timeframes.Prepare reports and summaries for internal and external audits and track action items related to IT risk and compliance.Collaborate with IT, Cybersecurity, Legal, and Compliance teams to manage and mitigate IT risks.Support third-party risk management by assessing vendors' IT policies and procedures.Help track and report on incidents related to IT risk, cybersecurity, and compliance.Assist in the implementation of IT controls, including control design, testing, and remediation.Participate in special projects related to risk, IT controls and compliance.Provide support in organizing IT risk management awareness programs and training sessions.QUALIFICATIONS
Required:
Bachelor's degree in computer science, information systems, business administration, or a related field.5+ years of experience in IT risk management, compliance and controls, with a focus on documentation.Strong attention to detail and organizational skills.Experience in documentation management within an IT risk or compliance environment.Working knowledge of technical environments and understanding of software development life cycle.Working knowledge of Azure Dev Ops, Service Now, SharePoint, Monday.com and Microsoft Office suite.Working knowledge of Visio or Lucid chart to create or update process flows.Preferred:
Professional certification in risk management or compliance (e.g., CRMA, CCEP).SKILLS:
Understanding of basic IT infrastructure components such as servers, databases, and networks.Knowledge of cloud environments (e.g., AWS, Azure) and related security practices.Understanding of IT change management processes (e.g., ITIL framework).Ability to assess potential security and operational impacts of changes to IT systems, applications, and infrastructure.Knowledge of change control tools (e.g., ServiceNow, Azure DevOps, Jira).Proficiency in incident tracking and management tools (e.g., Jira, Remedy).Ability to document incidents, follow up on action items, and generate reports for senior management.Knowledge of disaster recovery planning, including identifying critical systems and data recovery strategies.Familiarity with business continuity planning (BCP) processes.Ability to document and communicate DR and COB plans, including roles, responsibilities, and procedures.Foundational knowledge of cybersecurity principles, such as access management, data protection, network security, and incident response.Ability to assess IT risks, identify potential threats, and propose mitigation strategies.Familiarity with cybersecurity frameworks like ISO 27001, NIST Cybersecurity Framework (CSF).Understanding of IT regulatory requirements (e.g., GDPR, SOX).Proficiency in document management systems and Microsoft Office Suite (especially Word and Excel).Excellent written communication skills with the ability to draft clear and concise documentation.Ability to organize and maintain large volumes of documentation accurately.Analytical skills to interpret data and support risk assessments.COMPETENCIES
Attention to Detail : Ensuring all documentation is accurate and compliant with regulations.Responsibility : Demonstrating reliability and accountability in managing critical documentation.Integrity : Upholding ethical standards and maintaining confidentiality of sensitive information.Teamwork : Collaborating effectively with colleagues across departments to ensure comprehensive documentation.Time Management : Efficiently organize and prioritize tasks to meet deadlines.Communication : Effective written and verbal communication skills, particularly in documentation.THE FINE PRINT
Must have unrestricted authorization to work in the United States.Must be willing to comply with pre-employment screening, including but not limited to drug testing, reference verification, and background check.Must be willing to work from the Chicago or New York office and travel as necessary.
New York City Only: salary ranges are specific to market location; the salary range for this position is USD $130,000 to $150,000 and eligible for annual bonus. Antares takes into consideration an individual's background, training, transferable skills, business needs, experience and market demands in determining final salary.
Antares is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
#LI-hybrid
#LI-CK1
To learn more, visit www.antares.com. Antares is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.