GRC – Senior Security Risk Analyst

Job Description Summary

This role will support the Technology Risk and Controls team as part of our IT control assurance program. The senior analyst will manage IT controls and support development teams to integrate data from various security platforms into ServiceNow to ensure control requirements are met across multiple security groups. The senior analyst will also perform technology issue management as part of IT risk management program and to drive remediation efforts where control gaps may exist. The senior analyst will demonstrate subject matter expertise and is able to integrate domain knowledge with an understanding of financial services standards and practices. This role will also apply specialized business and IT security knowledge and technical skills to significant deliverables and projects that involve multiple IT departments, business units and have enterprise impact.

Job Description

This position follows our hybrid workstyle policy: Expected to be in a Raymond James office location a minimum of 10-12 days a month.

Please note: This role is not eligible for Work Visa sponsorship, either currently or in the future.

Responsibilities:

• Coordinate issue management within IBM OpenPages or similar issue management GRC Tools

• Work with IT control owners to drive control remediation based on issues identified within audits or control assurance testing function

• Aid in the implementation of control assurance functions by supporting development of control effectiveness tests

• Support development for ServiceNow GRC, Policy and Compliance, or Integrated Risk Management (IRM) modules.

• Understand business requirements related to risk and controls or GRC and work with software engineers to ensure business requirements are met

• Analyze enterprise data (SIEM, endpoint security logs, etc.) to determine where data for control assurance activities can be gathered to meet development requirements

• Plan and execute unit, integration, regression, and user acceptance testing (UAT).

• Analyze, troubleshoot, resolve, and report issues

• Participate in the requirements gathering phase to provide time estimation to client needs

• Analyze technical development requirements

• Create and update the configuration documentation

• Seeks understanding of risks and procedures sufficient to understand the reasons for tasks being performed

• Analyzes controls for adequacy of design and performs and/or supports control assurance testing activities

• Performs other duties and responsibilities as assigned

Qualifications:

• 5+ years’ experience understanding and communicating business and technical requirements 

• Strong understanding of IT Security principles and controls

• Experience supporting ServiceNow development efforts and user stories as part of agile development methodology is a plus

• Experience with data analysis and data mapping 

• Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions.  

• Strong project management skills and ability to prioritize among high visibility projects

• Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints and probable consequences. 

• Develop and use collaborative relationships to facilitate the accomplishment of work goals. 

• Make internal and external clients and their needs a primary focus of actions; develop and sustain productive client relationships.

• Experience within a highly regulated environment like Financial Services preferred but not required 

• Certified Information Systems Security Professional (CISSP), Security+, GCCC or Certified Information Systems Auditor (CISA) or other cyber security certifications are differentiators; preferred but not required

Education

Bachelor’s: Computer and Information Science, Bachelor’s: Information Technology, High School (HS) (Required)

Work Experience

General Experience - 3 to 6 years

Certifications

Travel

Less than 25%

Workstyle

Hybrid

At Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view. 

We expect our associates at all levels to:
•  Grow professionally and inspire others to do the same
•  Work with and through others to achieve desired outcomes
•  Make prompt, pragmatic choices and act with the client in mind
•  Take ownership and hold themselves and others accountable for delivering results that matter
•  Contribute to the continuous evolution of the firm

At Raymond James – as part of our people-first culture, we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates.  When associates bring their best authentic selves, our organization, clients, and communities thrive. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs. 

#LI-TC1