Sr IT Risk & Compliance Analyst

Job Title: Sr. IT Risk & Compliance Analyst Location: Chicago, IL Duration: 12+ Months Contract Onsite/Hybrid Role Required: Risk & Compliance ANalyst, Certifications, CISA, Risk, Compliance, Control testing Job Description: Responsibilities will include but are not limited to: • Collaborate with IT personnel to understand operational processes to identify process improvement opportunities, control gaps and provide control recommendations. • Responsible for developing and maintaining process and control documentation, including but not limited to narratives and flowcharts for key IT processes. • Assist with the implementation and execution of processes within the IT Risk & Compliance group that supports the proactive evaluation, identification and monitoring of IT risks and controls. • Assist with building an IT control testing program to periodically evaluate IT controls for effectiveness and ensure alignment with control frameworks. • Assist with implementing continuous monitoring of IT controls and working with data for efficient control testing. • Assist with maintaining the IT policy and procedure library including executing a process to ensure documents, standards and other related materials remain current. • Perform various reviews, as necessary to validate compliance with IT policies, regulatory requirements, and other internal frameworks. • Lead and assist in periodic risk and control self-assessments. • Collaborate with 2nd and 3rd line to maintain alignment with risk position and control testing. • Assist IT personnel with the development, maintenance, and monitoring of KRIs and KPIs, including providing value added feedback and recommendations when tolerances are exceeded, or metrics require revision. • Assist with other duties as assigned. QUALIFICATIONS AND EDUCATION REQUIREMENTS • Bachelor’s degree in technology, Business or Accounting. • Certification in Information Technology or Risk Management (CRISC, CISA, CIA, CRMA) • Experience in performing walkthroughs, risk assessments, and control testing. • Experience in testing Information Technology General Controls. • Familiarity with Internal Control frameworks (COSO) and Information Technology frameworks (COBIT, NIST, and ITIL.) • Minimum of 4 years of IT audit or risk management experience with a focus on technology. PREFERRED SKILLS: • Data Analysis skills are a plus. • Experience in assessing Security controls (Access Management & Cybersecurity) • Ability to solve problems and demonstrate creativity and innovation to provide fresh ideas and approaches to process improvements and control testing. • Ability to manage ambiguity and changing priorities. • Strong analysis, research, and analytical skills • Effective communication skills and ability to influence.