Senior IT Risk Management Analyst

Company
Federal Reserve Bank of Chicago
When you join the Federal Reserve—the nation's central bank—you'll play a key role, collaborating with leading tech professionals to strengthen and protect the information assets of the Research, Policy, and Public Engagement (RPPE) department. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future.
Bring your passion and expertise, and we'll provide the opportunities that will challenge you and propel your growth—along with a wide range of benefits and perks that support your health, wealth, and life.
Maps policy requirements and changes to develop effective security processes. Translates the overarching concerns of IT Risk Management (risk posture, policy compliance, and compliance burden) into processes and programs. Maintains relationship with Information Security Services on a frequent, on-going basis. Provides training and guidance to other embedded IT staff. The level of work required is considered advanced and staff must be able to work under minimal supervision. This job does not have any direct reports.

• Identifies needs and develops and implements technology-related internal controls across RPPE IT projects to ensure effective implementation of information security or IT Policy & Risk Assessment initiatives
• Researches and stays current with emerging risk and compliance trends and IT security regulations
• Assesses internal control performance, identifies weaknesses, and provides recommendations to strengthen the control environment
• Monitors compliance with IT policies, procedures, and operating standards
• Leads department through all aspects of the risk evaluation process
• Serves as a key team member and central point of contact during internal audit processes and for security-related incident response
• Produces artifacts to document remediation of internal control issues or that support the closure of action plans
• Collects, analyzes, and presents data in reports; performs special projects as needed (e.g. surveys, studies) including memos and status reports for management
• Performs routine periodic and ongoing information security activities
• Researches and develops automation to support the role and compliance activities
• Leads department IT Policy & Risk Assessment process improvement projects

Your Background

• Bachelor's Degree in business, information technology, or other related field or equivalent work experience
• 5+ years of experience in risk management, audit or information security disciplines
• Ability to communicate risk and compliance subjects to multiple audiences, including technicians (e.g., IS Liaisons and IS Engineers), business people and management
• Strong understanding of the impact of risk/compliance topics on business processes
• Strong knowledge of and ability to apply presentation software
• Project management experience
• Strong public speaking and written/verbal communication skills
• Strong research and analysis skills
• Familiarity with common information security frameworks Industry certification, such as CISSP, preferred

What we Offer

• Comprehensive benefits package includes medical, dental, vision, prescription drug coverage, 401k savings plan, retirement plan, paid time off, transit benefit, onsite gym and subsidized cafeteria
• A learning environment with opportunities to gain new skills and grow your career Other

Additional Requirements

• Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
• This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take approximately two months to be completed. The screening covers areas such as education/employment verification, criminal history, credit history, and reaches out to your references and people that know you well.
• As a condition of employment, Federal Reserve Bank of Chicago employees must comply with the Bank's ethics rules, which generally prohibit employees, their spouses/domestic partners, and minor children from owning securities, such as stock, of banks or savings associations or their affiliates, such as bank holding companies and savings and loan holding companies. If you or your spouse/domestic partner or minor child own such securities, and would not be willing or able to divest them if you accepted an offer of Bank employment, you should raise this issue with the recruiter for this posting, who can provide you contact information for our ethics official if necessary

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression, or veteran status. employment, you should raise this issue with the recruiter for this posting, who can provide you contact information for our ethics official if necessary.
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Information Technology
Work Shift
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Privacy Notice