IT Business Control & Risk Management, Sr. Analyst

Job Description

Description

The Sr Analyst, Business Control & Risk Management, represents the First Line of Defense and is responsible to identify, assess and action various risks throughout the assigned business line by executing defined risk programs in support of Application Inherent Risk Assessment and Data Classification programs. This role will primarily be driving the execution of data classification program for applications as well as participating in the initiative for the Application Inherent Risk Assessment program. The Associate is part of the Technology GRC team within the Technology Chief Operating Office (COO).
Essential Functions:

• Drives execution of data classification program to assess data classification assigned to applications.
• Supports the Application Inherent Risk Assessment (App IRA) program by facilitating app IRA during application registration and recertification
• Works collaboratively with SLoD, compliance, privacy, business, and technical owners on data classification and App IRA.
• Contributes to escalation, reporting and communication of program updates and quality assurance items to various risk governance forums.

Other Functions:

• Adherence to Risk Frameworks, Policies, and Standards: Partner with SLoD to provide input/review of framework, policies, and standards. Facilitate Business Line awareness of and adherence to risk frameworks, policies, and standards and issue validation. Report and escalate exceptions and facilitate Business Line corrective actions
• Analyzes documentation for evidence of successful and efficient performance.
• Applies developing knowledge and supports the design, assessment, and/or administration of quality assurance programs, practices and policies.
• Assists in the collection and initial analysis of data, preparation of business owner control surveys
• Conducts quality audits on all routine and complex transactions and correspondence to ensure proper processing according to established quality standards.
• Develops training on policies and procedures concerning controls and risk management.
• Independently conduct internal control testing – including on-site observations, interviews with management and staff, analytical procedures and statistical/judgmental analysis and testing of data.
• Interprets regulations affecting control standards with large degree of independence and suggests methods of updating policies and practices to address any risk concerns.
• Leads operating process and internal control improvement initiatives.
• Manages complex projects that involve working with businesses to improve controls to mitigate any deficiencies.
• Partners with Internal Audit, Compliance, and/or Operations Management to share information and escalate issues as needed.
• Provides thematic analysis of issues for business to identify emerging trends.
• Reports audit results and determines corrective action plans, as necessary.
• Reviews current policies and procedures to identify process gaps and opportunities for improvement.
• Reviews, monitors and tests internal controls and procedures associated with products, services, customers and operations.
• Through walkthroughs and testing, identifies possible internal control breakdowns and gaps and report them to management.
• Works with the business to understand the controls currently in place to minimize risk.
• Other duties as assigned.

Requirements:

• Education -
  • Bachelor's Degree: Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Economics or equivalent field or equivalent work experience
  • Master's Degree: Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Economics or equivalent field.
• Experience -
  • 5-9 years Risk Management, Internal Controls, Auditing, Credit Management, relevant line of business experience and/or legal or regulatory experience.
• Skills & Abilities -
  • Demonstrated experience supporting and/or leading risk projects across multiple business lines offering a wide variety of financial services products and services.
  • Knowledge of the financial services sector, particularly with the competitive dynamics and products in retail banking and risk management.
  • Advanced understanding of the regulatory environment and how the risks of the products and services the bank offers are viewed by the Second Line of Defense and regulators.
  • Ability to build credibility with, collaborate with, and influence line of business executives.
  • Excellent analytical and complex problem solving skills.
  • Strong project management skills.
  • Ability to constructively work both independently and in collaborative environments involving all levels of management and employees
  • Ability to collaborate with internal and external service providers to establish resource requirements, scheduling, assignments and service levels.
  • Ability to build internal and external networks of information resources within the risk management ecosystem.
  • Understanding of BSA/AML and OFAC regulations, regulatory expectations and industry leading practices.
• Licenses & Certifications -
  • Other Risk Certification

Competencies:

• Collaboration - Relationship Management:
  • Proficient - Applying and Executing
    • Knows who to reach out to inside and outside of one’s team to get work done
    • Takes action to enhance working relationships needed to achieve seamless work flow
• Collaboration - Teamwork:
  • Proficient - Applying and Executing
    • Creates a good working environment in the team; works towards shared goals contributing ideas and accepting change
    • Provides assistance and coaches less experienced team members
• Execution - Accountability:
  • Proficient - Applying and Executing
    • Follows through to meet commitments to others
    • Takes responsibility for achieving strong results, despite balancing multiple complex demands
• Influence - Information Sharing:
  • Proficient - Applying and Executing
    • Uses information and data effectively to support a position and present a rational case
• Influence - Two-way communication:
  • Proficient - Applying and Executing
    • Communicates in a timely and straightforward manner
    • Probes for additional information, clarifies assumptions and confirms agreed-upon actions
    • Keeps everyone involved informed about progress and issues
• Risk Business Acumen - Industry Acumen:
  • Proficient - Applying and Executing
    • Stays current with industry and regulatory trends and emerging risk issues
    • Has good understanding of current market and competitive landscape that the organization operates within
• Risk Management - Knowledge of Risk Management Policies, Regulations, Processes and Procedures:
  • Proficient - Applying and Executing
    • Executes risk management process and procedures without management direction, and demonstrates awareness of expected results
    • Knows the relationship and impact of actions and results
    • Has an understanding of regulations impacting area supported
• Risk Management - Risk and Compliance Adherence:
  • Proficient - Applying and Executing
    • Communicates the importance and benefits of risk management to counterparts
    • Displays natural skepticism and curiosity to question the status quo and uncover issues
    • Adheres to a good root cause analysis process

Working Conditions:

• Frequently: Minimal physical effort such as sitting, standing, and walking.
• Occasional moving and lifting of equipment and furniture is required to support onsite and offsite meeting setup and teardown.
• Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.

Employer’s Rights:

• This job description does not list all the duties of the job. You may be asked by your supervisors or managers to perform other duties. You will be evaluated in part based upon your performance of the tasks listed in this job description.
• The employer has the right to revise this job description at any time. This job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason.

At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.

Employees desiring consideration should complete an online application, utilizing the appropriate process as subscribed by the posting entity. Employees should provide all pertinent information to support their candidacy.

To be considered eligible for internal posting, Santander employees must meet all of the following eligibility requirements:

• Completion of at least one year of active service in Santander
• Completion of at least twelve months in current position
• Be in 'Good Standing'

Please click here to see the full policy - http://thesource.sov.gs.corp/assets/Internal-Recruitment-Guidelines.pdf