Summary

The IT Governance, Risk and Compliance (GRC) Analyst, serving as a member of the IT Security and Governance team, is responsible for supporting the delivery of IT governance for the enterprise.

The primary role of the IT GRC Analyst is to validate the appropriate implementation of IT controls through effective testing and oversight, and to identify and manage opportunities to improve risk management within IT.

The IT GRC Analyst is part of a team of IT risk professionals who will be responsible for developing, monitoring, and enforcing policies and procedures within the IT Risk Management Framework in support of Genworth’s strategic, compliance and regulatory requirements.

Responsibilities

The main responsibilities include:

- Coordinate IT Risk Management framework activities, including the administration of IT records and artefacts within the enterprise GRC system.
- Manage operational risks that are associated with each IT asset – specifically data, systems and processes, as well as third party risks (i.e. suppliers, cloud vendors, etc.).
- Facilitate internal and external audits and reviews, including subsequent remediation and tracking.
- Make recommendations on risks and issues and communicate outcomes as appropriate.
- Assist with the design and review of IT controls and monitoring mechanisms to support compliance obligations.
- Coordinate and perform internal testing of IT general controls and cyber security, including Sarbanes Oxley (SOX) and APRA CPS-234 assurance activities.
- Drive the understanding and adoption of the IT Risk Management framework within the business.
- Assist in business continuity and disaster recovery reviews, verification and testing.
- Assist with the implementation and maintenance of departmental policies and procedures as required.
- Adhere to the compliance obligations relevant to the position; perform duties in an ethical, lawful and safe manner; undertake training as directed by the Compliance Leader; report and escalate compliance concerns, issues and failures; and disclose potential conflicts of interest.

Performance measures

Success will be measured across objective and subjective deliverables:

- Consistent delivery of focused IT governance activities.
- Execution of successful business and process improvements.
- Effective management of audit and regulatory requirements in a timely manner.
- Effective relationship building with key stakeholders.
- Ongoing management of policies, procedures, controls and related artefacts.
- Demonstration of balancing organisational benefit with control effectiveness.

Most Frequent Contacts

In addition to others within the department, this role interfaces with other internal functions, including most frequently:

- Enterprise Risk
- Project Management Office (PMO)
- Finance
- Sourcing & Facilities
- Managers & Team Leaders
- Internal Audit (GCAS)

This role also interacts regularly with external stakeholders including:

- Genworth Financial Inc. technology and risk teams
- External Auditors (KPMG, Ernst & Young)
- Vendors and Contractors

Position Requirements

To be successful in this position, the candidate would be expected to have or demonstrate the following:

- 1 to 2 years' experience working in a similar IT risk role.
- Sound understanding of general IT technologies, controls and industry practices.
- Knowledge of the regulatory and compliance requirements for IT in the finance sector.
- Bachelor’s degree in IT or related discipline, with related post graduate qualification preferred.
- Ability to understand, judge and propose pragmatic control solutions that achieve risk management objectives.
- Strong interpersonal skills with proven ability to influence, negotiate and collaborate.
- Strong ability to operate on your own initiative to analyse and solve problems.
- Competent capabilities with business software / tools (e.g. MS Word, PowerPoint; Visio; Project; Excel).