Public Cloud Risk and Controls Analyst Lead

We are

At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron’s progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20+ years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,500+, and has 58 offices in 21 countries within key global markets.

Our challenge

We are looking for a highly skilled candidate who would Identify risk, assess residual risk, and coordinate Corrective Action Plan (CAP) completion through collaboration with information security and engineering teams Negotiate with IA (Internal Audit; Third Line of Defence) and ORM (Operational Risk Management; Second Line of Defence), and with Policy Owners when more cloud-friendly policy changes need to be influenced.

Additional Information* 

The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Irving, TX is $130k - $140k/year & benefits (see below).

The Role

Responsibilities:

• Advise engineers on application of Policy across multiple concurrent technology domains such as compute, container, DB, middleware, etc.
• Research origins of Policy in Regulations collaboratively with ICRM (Independent Compliance Risk Management)
• Engage with and lead advocacy efforts with regulators in Asia and EMEA on Public Cloud in partnership with Government Affairs and Regulatory Engagement teams.
• Design processes for building and maintaining services in Public Cloud with control in mind
• Maintain continual assessment of Management Controls Assessment (MCA) Efficacy for Public Cloud
• Monitor exceptions to dispute policy and identify common root causes of exceptions.
• Leverage data to examine impacts to Customer Experience and Regulatory breaks.
• Appropriately assess risk and demonstrate consideration for the firm's reputation and safeguard Citigroup, its clients, and assets, by:
• Driving compliance with applicable laws, rules and regulations
• Adhering to Policy
• Applying sound ethical judgment regarding personal behavior, conduct and business practices
• Escalating, managing, and reporting control issues with transparency
• Influence Application Teams on best practices for MCA

Requirements:

You are:

• Undergraduate degree in related field or equivalent experience
• 7+ years relevant work experience in Technology Risk & Controls in a large organization in a heavily regulated industry
• 3+ years relevant work experience in Public Cloud Technology (Amazon Web Services, Google Cloud Platform, Snowflake, MongoDB Atlas, Azure, etc.)
• MS Excel required. MS Access, SQL a plus.
• Consistent, clear, and concise written communication skills
• Ability to explain concepts consistently to stakeholders, including non-technical audiences
• Ability to firmly communicate the requirements and position of Policy that must be satisfied
• Ability to see the big picture with high attention to critical details
• Demonstrated ability to develop and implement strategy and process improvement initiatives
• Demonstrated ability to influence change and common-sense approaches to modern risk complexity
• Demonstrable interest in Public Cloud risk identification and mitigation
• Strong collaboration and interpersonal skills.

It would be great if you also had:

• Experience working directly with regulators of the financial industry in Asia regionally, or Singapore locally.
• Risk certifications such as the CIA, CISSP, CISA, CRISC, CGEIT, CDPSE, etc.
• Certifications in Public Cloud such as AWS Certified Cloud Practitioner, or AWS Certified Security Specialty
• Experience working with NIST, COBIT, ITIL, CSA, and/or ISO risk and ITSM frameworks
• Experience in an influence management discipline such as project management or product management
• Familiarity with DevOps and SRE practices
• Experience with cloud infrastructure and data services (compute, storage, networking and others).

We can offer you:

• A highly competitive compensation and benefits package
• A multinational organization with 58 offices in 21 countries and the possibility to work abroad
• Laptop and a mobile phone
• 10 days of paid annual leave (plus sick leave and national holidays)
• Maternity & Paternity leave plans
• A comprehensive insurance plan including: medical, dental, vision, life insurance, and long-/short-term disability (plans vary by region)
• Retirement savings plans
• A higher education certification policy
• Commuter benefits (varies by region)
• Extensive training opportunities, focused on skills, substantive knowledge, and personal development.
• On-demand Udemy for Business for all Synechron employees with free access to more than 5000 curated courses 
• Coaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellences (CoE) groups
• Cutting edge projects at the world’s leading tier-one banks, financial institutions and insurance firms
• A flat and approachable organization
• A truly diverse, fun-loving and global work culture

S​YNECHRON’S DIVERSITY & INCLUSION STATEMENT
 

Diversity & Inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative action employer. Our Diversity, Equity, and Inclusion (DEI) initiative ‘Same Difference’ is committed to fostering an inclusive culture – promoting equality, diversity and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more.

All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant’s gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.

Candidate Application Notice