The IT Operational Risk Analyst will support the Technology Risk team in identifying, assessing, and mitigating risks associated with IT operations. This includes evaluating internal controls, monitoring compliance with regulatory requirements, and assisting in the development of risk management strategies. The role involves collaboration across departments to ensure risk awareness and adherence to best practices in cybersecurity, data governance, and operational resilience
ABOUT THE JOB
The IT Risk Analyst will lead the collaboration and implementation of the IT risk assessment framework across all aspects of Technology for the bank. IT Risk Analysts use their knowledge and expertise to examine systems and procedures to identify potential adverse events, including hardware and software failures, physical disasters, malicious intruders, malware, denial of service attacks, etc. Responsibilities include assessing the adequacy of the IT strategy, business continuity / disaster recovery plans, threats to the systems and calculating the impact of potential adverse events.Job Duties and Responsibilities:Develop an understanding of Synovus' Operational Risk Management (ORM) framework as it applies to the Technology organization and the COBIT 2019 Framework.Identify risk and controls that meet specific criteria that maps to COBIT Management Objectives.Lead Technology partners in Risk Control Self-Assessment (RCSA) workshops to assess IT risks and document the results. Work with management to document action plans to close control gaps.Identify and develop new metrics based on the operational and technology risk frameworks.Investigate and document technology events including incidents, loss events, audit findings, regulatory findings, etc.Each team member is expected to be aware of risk within their functional area. This includes observing all policies, procedures, laws, regulations and risk limits specific to their role. Additionally, they should raise and report known or suspected violations to the appropriate Company authority in a timely fashion.Performs other related duties as required.The information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.Synovus is an Equal Opportunity Employer committed to fostering an inclusive work environment.
RESPONSIBILITIES
- Develop an understanding of Synovus' Operational Risk Management (ORM) framework as it applies to the Technology organization and the COBIT 2019 Framework.
- Identify risk and controls that meet specific criteria that maps to COBIT Management Objectives.
- Lead Technology partners in Risk Control Self-Assessment (RCSA) workshops to assess IT risks and document the results.
- Work with management to document action plans to close control gaps.
- Identify and develop new metrics based on the operational and technology risk frameworks.
- Investigate and document technology events including incidents, loss events, audit findings, regulatory findings, etc.
QUALIFICATIONS
- Knowledge and expertise to examine systems and procedures to identify potential adverse events.
- Ability to assess the adequacy of the IT strategy, business continuity / disaster recovery plans.
- Ability to calculate the impact of potential adverse events.
TARGET MOCS
All MOCs
OTHER
N/A