This role is part of the Compliance Department and will regularly interact with OCC's IT and Security Services departments. The Senior Compliance Officer (IT & Security Services) will support the continued development and implementation of the IT and Security Services Compliance program which includes: process (also policy and procedure) and control development, risk identification and mitigation, and supporting regulatory exams. The Senior Compliance Officer will also be responsible for recommending enhancements to the performance, integrity, and compliance of the organization's processes. This role is highly focused on review of the organization's compliance with applicable regulatory and legal rules and requirements (i.e., SEC, CFTC, Federal Reserve, etc.) as they relate to technology and information security.
Essential Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
* Contribute to the development, maintenance and continuous improvement of the Regulatory Framework including policies, procedures and controls
* Act as an advisor in compliance matters
* Assist the business in evaluating new products, key business initiatives, significant technology, and systems to ensure compliance with policy, laws, and regulations
* Participate in or lead compliance programs, projects, system implementations, or OCC initiatives
* Interpret policies, laws, and regulations and assist the business in determining applicability and implementation strategy
* Advise and support the business in establishing and implementing policies and procedures
* Provide guidance to the business on the development and implementation of effective remediation plans to address internal or external findings
* Keep abreast of, and leverage, industry best practices/frameworks (i.e., NIST, COBIT, ISO, etc.) to drive compliance related continuous improvements for IT and Security Services
* Assist in the analysis of findings to identify themes and trends
* Support other departmental activities and initiatives as required including assessment of compliance risks, supporting regulatory reporting and compliance reporting etc.
The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
* Broad knowledge of applicable regulatory, legal rules and requirements (e.g., SEC, CFTC, Federal Reserve, etc.).
* Possesses proficiencies with the use of risk and control frameworks, and process improvement frameworks (e.g. COBIT, COSO, ITIL, NIST, ISO 27001, ISO 9001, CMMI)
* Familiarity with Systems Development Life Cycle (SDLC) process (Waterfall & Agile)
* Comprehensive analytical, conceptual, and problem-solving skills.
* Ability to work independently and as a member of a team, collaborating with internal business clients from different departments and at various levels of seniority.
* Excellent organizational, written and oral communication skills.
* Demonstrated ability to gather, analyze, and evaluate facts and prepare and present concise oral and written reports.
* Proficiency with MS Office software, GRC tools and web-based reporting tools.
* Experience with document management tools (e.g., DMS, PolicyTech) a plus
Education and/or Experience:
* 5+ years of experience in IT, Information Security, IT Compliance, IT Risk Management, or IT Audit related field required
* Bachelor's degree or equivalent required (Degree in Computer Science or related field a plus)
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
Step 2
You will receive an email notification to confirm that we've received your application.
Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. For more information about OCC, please click here
OCC is an Equal Opportunity Employer