IT Control and Process Analyst
Assist in the overall maintenance of the business continuity and disaster recovery strategies and solutions, including risk assessments, business impact analyses, strategy selection, and documentation of business continuity and disaster recovery plan and procedures. Coordinate a variety of continuity efforts both internally and with third party vendors and partners ensuring compliance with governing bodies and frameworks. Perform ongoing analysis of the IT control environment including testing controls, remediating gaps, acting as the liason with IT auditors, etc.
- Update and continually strengthen the corporate business contingency program and framework by working closely with the department management to ensure the company is protected in the event of an emergency.
- Update policies, procedures and plans regularly. Document and maintain program policies, processes and practices which effectively ensure that the enterprise program remains current, and incorporates/align with industry standards and practices as appropriate, and cover all applicable general regulatory requirements. Assist in creating procedures and guides as it relates to Business Continuity Testing.
- Plan, conduct, and assist in debriefing disaster recovery exercises to test the adquacy of existing plans and strategies.
- Coordinate continuity efforts after a disruption event. Ensure all follow up activities and analysis are completed and improvements/enhancements are incorporated into plans and programs going forward. Work with management to align recovery expectations.
- Support the development and maintenance of the enterprise-wide business continuity management program including: develop and disseminate tools, forms, and instructional guides for staff, provide procedural and process updates, etc. Work with business lines to create process narratives.
- Review departmental response plans as assigned. Test plans and make recommendations to enhance and continually evaluate and improve plans. Identify process improvements.
- Work with employees and managers on contingency and disaster recovery plans and explain or educate on the concepts.. May provide existing educational materials, e.g. webinars, training and communications to increase management’s understanding of the role and importance of contingency and disaster recovery.
- Coordinate with the Third Party Risk group to analyze, review and recommend status (approval or denial ) of vendor business contingency plans and vendor SOC audits based on departmental standards and practices. Reviews findings and designation with internal management team and may make recommendations as needed to improve outcomes.
- Map Third Party control gaps to internal controls and communicate with the Third Party Risk team and/or their clients to provide feedback to ensure plans meet company standards.
- Partner with the Compliance group to provide business continuity and disaster recovery activities and statistics to the overall compliance scorecard and reports.
- Prepare reports and analysis ensuring appropriate integration of requirements and information obtained from various sources; including external regulators internal/external auditors, FFEIC, etc.
- Perform a variety of audit activities including readiness IT GCR audits (limited scope) annually, assist in managing audits and mitigating gaps identified during readiness audits, along with other audits.
- Assist IT with various activities including performing and coordinating IT initiatives (i.e. IT projects, CIO directed research, vendor research, etc.) assisting with IT Committee outcomes, follow up, etc. and mapping the IT environment (applications, databases, storage, etc.) as needed.
- Perform other related activities as assigned.
- An undergraduate degree in a related field or an equivalent combination of training and experience.
- A minimum of 2 – 4 years related business continuity/disaster recovery and/or IT audit experience including experience with various audit reports such as SOX, SOC, ISAE, etc.
- Working knowledge of business continuity and disaster recovery practices and principles
- Working knowledge of IT audits, control assessments, etc.
- Excellent verbal, written, and interpersonal communication skills
- Strong organizational and time management skills
- A team player able to work effectively in a team fostered, multi-tasking environment
- Proficient in Microsoft Office suite, e.g. Excel, PowerPoint, Word, Outlook
- Position is required to travel
The Bancorp is an Equal Opportunity Employer