This is an IT Senior Risk & Compliance Analyst role in GE’ Renewable Energy's Risk & Assurance Compliance team. Main responsibility will be understanding various compliance requirements, effectively interpret and communicate the requirements to internal teams, and lead efforts to produce actionable plans to meet the compliance requirements as the results of performing IT compliance testing as part of an IT risk-based testing program.
Staff Regulatory Compliance Analyst
- Conducts various IT Compliance controls validation and implementation activities and concludes on the effectiveness of controls and control gaps based on the results of testing.
- Prepare well-written audit findings, including remediation recommendations, submit timely to engagement management for review and follow-up.
- Effectively communicates compliance testing issues and related recommendations in both technical and non-technical terms to Operational and IT management.
- Develops metrics and dashboards for reporting on assigned compliance programs.
- Drive continuous improvement initiatives.
- Provide proactive status updates to the IT Cyber Security leadership, Internal Audit team, IT/process owners, and external auditors.
- Advises IT stakeholders on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
- Prepare scorecards and dashboards that demonstrate the status and results on control tests.
- Understand and consolidate control requirements across various frameworks to ensure efficient approaches for control assessments.
- Assists in developing and administering ongoing IT compliance monitoring and governance activities.
- Aware of changes in IT audit practices, regulatory requirements, and IT Risk frameworks to understand their impact to (e.g. ISO27002, SOC2, GDPR, China Cyber, NIST 800-53, NIST Cybersecurity Framework).
- Develop and maintain deep partnerships with resources focused on access related processes within the Digital organization.
- Performs coordination and tracking of open CAS audit findings and IT policy exceptions.
- Develop deep expertise on the key Identity and Access Management tools (e.g., Sailpoint, Cyberark) as well as Change Management tools (e.g., ServiceNow, Jenkins).
- Design and maintain metrics and dashboards that support report outs on control testing and effectiveness status.
- Collaborate with team members to ensure that cohesive communications and requests are delivered to application teams and stakeholders.
- Bachelor's degree from an accredited university or college or equivalent knowledge or work experience
- Significant experience in IT Audit / Risk Management
- Ability to travel domestically and internationally up to 20%
- Skilled in identifying risks & controls and developing audit tests of controls.
- Experience with general IT control (GITC) testing.
- External certification(s) preferred: CISA, CISSP, CGEIT, CA, CIA.
- Compliance Monitoring tool exposure (Varonis, Splunk, McAfee Database Activity Monitoring, Tripwire) preferred.
- Experience with the following systems and technical platforms: SAP, Oracle, Greenplum, Talend/HVR and Cloud Systems.
- Understanding of the COSO/COBIT frameworks, SOx, GDPR, ISO, internal controls & test plan development.
- Ability to work both independently and within a global team environment.
- People management and personnel development experience.
- Excellent verbal and written communication skills.
- Strong analytical, interpersonal and leadership skills with orientation toward process improvement.
What can we offer?
- Career growth opportunity
- Opportunity for process improvement/simplification/standardization
- Professional and personal development trainings
- Enthusiastic team with supportive leaders
- Multicultural and diverse environment
- A pleasant and modern working environment, including gym, cafeteria and a medical centre located on the office campus
- Good public transportation and free parking
- Flexible working hours
GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, and according with all local laws protecting different status. Follow us at GE Renewable Energy.
- Administration, Assistance, Office Work
- Administrator, Document Manager
- IT Development
- IT Consultant, Analyst, Auditor
- Full time
- 3-5 years professional experience
Required language level:
- Language skills are not required
How to apply/ contact information:
You can apply with the „Jelentkezem" button underneath.