Job Title: Governance and Risk Analyst II

Location: Remote but MUST be living in AL, AR, FL, GA, LA, MO, MS, TN, OR TX

Functional: Governance Analyst

Summary

Governance, Risk and Compliance (GRC) aims to ensure service level optimization through continuous evaluation of operational and technology processes, capabilities, and improvement as it relates to people, technology, process, and business management. Individuals within the GRC Analyst role evaluate, direct and monitor Cadence Bank's key IT and operational functions to ensure alignment to strategic business objectives and IT-related goals. They are focused on Document Governance, Process Maturity, Key Performance/Key Risk Indicators, and other processes needed to ensure the effectiveness of our governance, risk management, and compliance practices across both IT and operational functions.

The ideal candidate has a thorough knowledge of IT and operation controls, processes, and industry best practice. The incumbent should have a strong understanding of cyber security methodologies, ITIL, COBIT, NIST, and regulations in the financial services sector.

Essential Job Duties

• Support the establishment of governance structures and processes to align with business objectives and promote accountability and transparency
• Work directly with Information Technology and Operations to facilitate process maturity assessments to identify potential improvements and acceptable levels of risk
• Responsible for identifying and reporting on process risk, key performance indicators and key risk indicators
• Support the IT Service Portfolio and Catalog by providing input to potential service improvements
• Responsible for enabling each stage of the service model lifecycle
• Ensure and advise on appropriate service level management activities for key functions
• Ensure the governance of documentation within the IT and operational departments and the appropriateness of content
• Participate in continuous GRC optimization by researching and remaining informed of leading practices and methodologies

Core Competencies

• In depth knowledge of IT and Operations processes and best practices, including FFIEC IT Handbooks, COBIT, NIST Cybersecurity Framework and ITIL
• Knowledge of basic Risk Management methodologies/techniques to support the Program.
• Effective oral and written communication, performance management, issue resolution, motivating team members through completion, and planning.
• Self-motivated and able to meet targets independently.
• Analytical and problem-solving skills.

Minimum Qualifications

• Three (3) years of relevant working experience
• Preferred (one or more) ISC2 or ISACA certifications:
• CGEIT - Certified Governance of Enterprise IT
• CISA- Certified Information Systems Auditor
• CRISC- Certified on Risk of Information Systems
• Strong computer skills with Microsoft and Google applications along with an ability to learn new systems. Visio and PowerBI skills a plus
• Ability to travel a maximum of 10% annually.
• Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions etc.), and willingness to undergo vetting to verify this if necessary.