Sr. IT Compliance Analyst
Chicago, IL

Job Description

Join the FHLBC team!

At the Federal Home Loan Bank of Chicago, employees come first. That's why we offer a highly competitive compensation and bonus package, and access to a comprehensive benefits program designed to meet the needs of our employees.

* Medical, dental and vision insurance
* Retirement program (401k and Pension)
* Generous PTO plan
* 10 paid holidays per year
* Work from home options
* Casual dress code

Position Summary:

The Sr. IT Compliance Analyst provides a secure and protected environment for the Bank's data and systems by evaluating IT controls, performing application assessments, identifying areas of non-compliance, and developing improvements to operational deficiencies.

Essential Duties & Responsibilities:

* Executes the internal IT compliance testing program. This includes: internal IT controls and compliance reviews; and remediation testing of issues identified during regulatory inspections or internal assessments.
* Advises IT stakeholders on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
* Ensures controls and risks are documented and updated as needed.
* Proactively identifies technology risks and provides recommendations to mitigate risks.
* Independently evaluates and analyzes operational risk issues, offers recommendations for improvement, and communicates results to management and other key stakeholders.
* Assists in the administration of IT policies, standards, processes, and procedures.
* Ensures proper log monitoring, reporting and escalation of non-compliant activity.
* Performs coordination and tracking of open audit and policy exceptions.
* Contributes to various project requests from Internal/External Audit and Enterprise Risk Management to increase operational efficiency, strengthen IT environment, and help meet the Bank's internal and external regulatory or compliance requirements.
* Assists in developing and administering ongoing IT compliance monitoring and governance activities.
* Performs ad-hoc IT compliance requests or additional duties as assigned.
* Builds and maintains positive working relationships with stakeholders, including in application owners, business partners, and management in support of IT Risk and Compliance processes.

Experience & Educational Requirements:

* 4 year college degree in information technology or equivalent experience
* 4-8 years of IT security, IT audit and compliance, or IT risk management experience.
* 8-10 years of experience necessary without a degree.
* Security certification is highly preferred (CISSP, CISA, CRISC, CGEIT, etc.)

Software Requirements:

* MS Office product (notably Outlook, Word, Excel, and Access) knowledge.
* Compliance Monitoring tool exposure (Varonis, Splunk, McAfee Database Activity Monitoring, Tripwire) preferred
* Tableau business intelligence and analytic reporting tool.

Knowledge, Skills, Abilities & Behaviors Required:

* Must have good communication (verbal, written, and listening) skills.
* Advanced knowledge of IT security controls.
* Advanced knowledge of evaluating internal controls and developing recommendations.
* Advanced knowledge of project management principles (planning, organizing, and managing assessment process).
* Must be a self-starter, with the ability to work in a fast paced environment, both independently and as part of a team.
* A high level of integrity and dependability are necessary to perform this role.
* Strong analytical and organizational skills with attention to detail and accuracy.