Senior Technology And Data Risk Analyst

Job Description: The Senior Technology and Data Risk Analyst is responsible for assisting the Enterprise Risk Manager - Technology and Data Riskin implementing quantitative and qualitative measures of Technology and Data Risk and Control assessment or testing. Primary Responsibilities: Conducting risk and control assessments across assigned technology and data domains. Aggregating and analyzing risk events reported and documented in eGRC Archer. Performing root cause analyses on identified risk events to recommend improvements to prevent these risk events from re-occurring in future. Document remediation plans and track with assigned domains through completion to address any gaps in the mitigating measures identified. Analyzing identified trends in the performance of controls tested by Enterprise Risk. Assisting the Enterprise Risk Manager in preparing reports to the Senior Managers, Executives, and Enterprise Risk Committee members. Develop and maintain Quality Assurance (QA) control testing methodology and standards Assist manager in identifying risks and developing control test templates Develop and execute testing based on test plans utilizing eGRC Archer Stay current on industry best-practices and regulatory rules and changes. Major Duties and Responsibilities: List the primary duties and indicate the percent of time that will be spent on each one. (Percentages do not have to total 100% but should represent most of the associate's responsibilities.) Begin each function with an action word such as advise, approve, analyze, create, design, perform, etc. (Example: 40% Support DSSO Business Finance Sales - add detail information) Methodology 20%: Assist Enterprise Risk Manager in developing QA methodology to include: Testing guidelines including developing test plans Population and sampling guidelines Performance reporting and remediation guidelines Review or update annually Work with Enterprise Risk Manager to establish goals and monitor progress Testing 50%: Develop a thorough understanding of risk and controls within the assigned domains at TMCC. Proactive partner with risk and control owners in developing testing plans. Create new test plans when new areas applicable to risk are developed or brought in-scope. Execute tests based on test plan for all applicable controls Partner with Enterprise Risk manager and business process owner to evaluate errors and develop remediation action plans. Reporting 15%: Develop and present to Risk senior management top issues along with recommendations on a monthly basis. Special Projects 15%: Coordinate and perform special reviews and ad hoc projects for Risk management with minimal supervision and direction from the Enterprise Risk manager. Responsible for fielding incoming operational and procedural questions and concerns from the field and corporate departments. Continuing Education and Professional Development 5%:• Pursue professional development opportunities, including external and internal training and professional association memberships, and share information gained with co-workers. Technical Requirements: (Excel, PowerPoint, MS Word, Lotus Notes, etc.) Describe the technical knowledge and experience required to accomplish the job duties and responsibilities. Proficiency in Microsoft Excel, Word, PowerPoint, VISIO Strong ability to perform data analysis using excel techniques Experience with Governance, Risk, Compliance systems (Archer eGRC) a plus Experience / Educational Requirements / Licenses or Certifications: Bachelor's degree in Accounting, Finance, Information systems, or Computer Science Certifications: CISA, CISSP, CISM or CRMA preferred Minimum of 5 to 10 years of experience with COSO, COBIT, and GRC methodologies and frameworks Strong working knowledge of industry standard IT change management practices, data architecture principles, release testing, and QA procedures Kaizen, Lean, or Six Sigma certifications are desirable Special Skills or Knowledge: Ability to develop and document process maps for control processes Ability to identify and assess technology and data risks Strong oral and written communication skills Ability to credibly present findings and deficiencies to senior management Ability to develop strong partnerships and influence people Data analytics skill

Created: 2026-04-02