Back to Job Search

IT Risk Analyst - (Primavera) - Sr

Posted 24 days ago

Seeking Level 3 job description below experience Sr role
need to work late hours 5pm ET to 1 am ET to match my India staff
The Risk Analyst investigates and analyzes potential areas of risk to GTS and Herbalife Nutrition highlighting and quantifying the risks to help drive business decisions This role must proactively escalate potential risks to leadership and be outspoken in seeking mitigation actions As this role progresses the Risk Analyst will gain responsibility in designing and defining the risk analysis and serve as an advisor in GTS

Level I
Conduct statistical analyses to determine potential risk and advise leadership
Track and maintain operational risk register
Capture data SOX compliance and maintain related reports
Ensure data integrity and quality of data reporting prior to distribution
Create risk reports and dashboards for leadership
Create relevant training material and memos to support SOX compliance awareness
Performs additional duties as assigned

Level II
In addition to L1 activities
Coordinate with reporting analysts to communicate analysis to leadership
Coordinate with crossfunctional members across GTS functions to collect data
Coordinate with Vendor Management Analyst to identify potential areas of vendor risk and drive mitigation actions

Level III
In addition to L1 and L2 activities
Drive GTS SOX compliance risks controls and compliance program
Ensures SOX compliance tracks deficiencies and drives mitigation actions
Acts as internal and external liaison with auditors
Assist in the development and ongoing review of security policies standards and procedures in partnership with relevant GTS and Herbalife Nutrition organizations
Serves as advisor to GTS Leads in terms of compliance and operational risk

Leads a team increases with level ndash Not required
Proficient in related analysis and risk assessment tools
Proficient in Excel and ability to work with formula39s graphs pivots
Proficient in PowerPoint presentation and Visio to a moderate level
Understand the Vulnerability Management Process
SOX and GRC governance risk and compliance experience is a must
Communication skills to relay results of analysis
Ability to build strong relationships across various functions of GTS to be able to preemptively identify and communicate risks

Certificates Training
IT risk and security practices standards and controls eg COBIT NISTCSF CISCSC C2M2 CSOE ITIL

Certified Information Systems Auditor CISA
Level I
1 years in IT security risk controls audit and regulatory compliance
Preferred programming experience 23 years experience in data visualization and reporting

Level II
3 years in IT security risk controls audit and regulatory compliance
Preferred experience as an IT auditor or working with SOX regulatory requirements

Level III
5 years in IT security risk controls audit and regulatory compliance a related role
Preferred management experience in an IT security risk controls audit and regulatory compliance setting

Bachelor39s in computer science risk management or related degree