Simmons Bank
IT Compliance Analyst III
Simmons Bank, Dallas, Texas, United States, 75215
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
The IT Compliance Analyst is critical to Simmons' IT program. The IT Compliance Analyst is involved in the development, assessment, and maintenance of IT internal controls. The individual is also tasked with documentation, oversight, and/or management of self-identified issues within the IT department. The individual is responsible for understanding the IT general controls frameworks and requirements of a stable IT organization as well as understanding the risks that are relevant to reporting and assessing IT controls.
Essential Duties and Responsibilities Coordinate with IT control owners to document, maintain and perform IT control activities Perform inquiries and author narratives in the satisfaction of the control expectations contained within the Cyber Risk Institute's Cyber Profile v2.0 Assist with the identification of key risk exposures within the IT department and bank in general Work with management to provide insight into potential IT risks and process improvements to support qualitative/quantitative improvements in IT control operations to eliminate deficiencies/improve processes/controls Effectively communicate a clear and concise overview of information security risk exposures and escalate as appropriate Document issue descriptions and remediation plans for key risk exposures within the IT department Establish accountability with risk exposure owners and track open IT findings/issues to timely resolution Serve as liaison between the functional units inside the IT department and various internal & external stakeholders including, but not limited to the Chief Risk Officer's enterprise-level Risk Management organization, internal and external IT auditors, state & federal regulators and other privacy & compliance assessors Other projects, as assigned, including cross-training in the other roles within the IT Risk Management team and providing periodic cross-functional support as needed Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Skills
Demonstrated knowledge of IT internal control concepts and auditing standards Experience with CRI Cyber Profile v2.0 or other relevant IT frameworks such as ITIL, COBIT, and NIST Demonstrated experience with IT documentation and governance processes Experience with Governance, Risk and Compliance (GRC) software and processes Deep understanding of the full stack of technologies governed by IT controls including applications, databases, operating systems and network management systems Exposure to information security best practices especially as it pertains to cyber security and data loss prevention Working knowledge of common IT general controls topics including user administration, security, change management, batch processing, robotic processing automation, and other emerging risks Previous Banking or Financial Service industries experience is a plus Education and/or Experience
Bachelor's Degree in Information Technology, IT Security, IT Audit or related field OR 2 additional years of directly related IT and/or IT audit experience CISA Certification or similar (CISSP, CGEIT, CRISC, etc.) IT security and/or IT audit certification is preferred 6+ years relevant experience Other Qualifications (including physical requirements)
Proficient in use of desktop software, including Microsoft Office suite Must possess excellent telephone and videoconferencing skills to enable live collaboration in a distributed team Strong organizational, problem solving, and planning skills with the ability to set priorities Ability to work independently with limited supervisory input May be requested to travel between the DFW, TX & Little Rock, AR areas up to 5% per year
Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications. Simmons First National Corporation and its subsidiaries are committed to Affirmative Action Programs consisting of results-oriented procedures to ensure equal employment opportunities. These programs require positive action in lieu of neutral non-discrimination and merit hiring/performance policies.
We're committed to bringing passion and customer focus to the business.
The IT Compliance Analyst is critical to Simmons' IT program. The IT Compliance Analyst is involved in the development, assessment, and maintenance of IT internal controls. The individual is also tasked with documentation, oversight, and/or management of self-identified issues within the IT department. The individual is responsible for understanding the IT general controls frameworks and requirements of a stable IT organization as well as understanding the risks that are relevant to reporting and assessing IT controls.
Essential Duties and Responsibilities Coordinate with IT control owners to document, maintain and perform IT control activities Perform inquiries and author narratives in the satisfaction of the control expectations contained within the Cyber Risk Institute's Cyber Profile v2.0 Assist with the identification of key risk exposures within the IT department and bank in general Work with management to provide insight into potential IT risks and process improvements to support qualitative/quantitative improvements in IT control operations to eliminate deficiencies/improve processes/controls Effectively communicate a clear and concise overview of information security risk exposures and escalate as appropriate Document issue descriptions and remediation plans for key risk exposures within the IT department Establish accountability with risk exposure owners and track open IT findings/issues to timely resolution Serve as liaison between the functional units inside the IT department and various internal & external stakeholders including, but not limited to the Chief Risk Officer's enterprise-level Risk Management organization, internal and external IT auditors, state & federal regulators and other privacy & compliance assessors Other projects, as assigned, including cross-training in the other roles within the IT Risk Management team and providing periodic cross-functional support as needed Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Skills
Demonstrated knowledge of IT internal control concepts and auditing standards Experience with CRI Cyber Profile v2.0 or other relevant IT frameworks such as ITIL, COBIT, and NIST Demonstrated experience with IT documentation and governance processes Experience with Governance, Risk and Compliance (GRC) software and processes Deep understanding of the full stack of technologies governed by IT controls including applications, databases, operating systems and network management systems Exposure to information security best practices especially as it pertains to cyber security and data loss prevention Working knowledge of common IT general controls topics including user administration, security, change management, batch processing, robotic processing automation, and other emerging risks Previous Banking or Financial Service industries experience is a plus Education and/or Experience
Bachelor's Degree in Information Technology, IT Security, IT Audit or related field OR 2 additional years of directly related IT and/or IT audit experience CISA Certification or similar (CISSP, CGEIT, CRISC, etc.) IT security and/or IT audit certification is preferred 6+ years relevant experience Other Qualifications (including physical requirements)
Proficient in use of desktop software, including Microsoft Office suite Must possess excellent telephone and videoconferencing skills to enable live collaboration in a distributed team Strong organizational, problem solving, and planning skills with the ability to set priorities Ability to work independently with limited supervisory input May be requested to travel between the DFW, TX & Little Rock, AR areas up to 5% per year
Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications. Simmons First National Corporation and its subsidiaries are committed to Affirmative Action Programs consisting of results-oriented procedures to ensure equal employment opportunities. These programs require positive action in lieu of neutral non-discrimination and merit hiring/performance policies.