Lead Audit and Compliance Analyst - Remote Contract
Remote · Contrato
Seja o primeiro a se candidatar
- Experiência
- 8+ anos
- Salário
- —
- Vagas
- 1
- Publicado
- há 5 horas
- Modo de trabalho
- Trabalhe em casa
- Retomar
- Obrigatório candidatar-se
Descrição da vaga
About the Role
This opportunity with Santander entails a remote contract position lasting between 6 to 12 months, focusing on leading the Risk Control Self Assessment (RCSA) program within the Technology domain. The role is pivotal in enhancing audit and compliance processes by guiding RCSA workshops, reviewing control documentation, identifying gaps, and supporting remediation efforts in coordination with first line defense and technology stakeholders.
Primary Responsibilities
- Organize, facilitate, and manage RCSA workshops including preparation of agendas, documentation, and follow-up actions.
- Ensure outcomes, decisions, and open items from workshops are tracked to resolution, escalating as needed.
- Review existing RCSA risk and control documentation to confirm clarity, accuracy, and adherence to standards.
- Identify and help address documentation gaps including missing or outdated control descriptions.
- Enhance control articulation by clarifying control activities, ownership, frequency, evidence requirements, and expected results.
- Review and improve testing scripts to align with updated control language and testing protocols.
- Support control testing efforts by validating evidence and documenting exceptions as necessary.
- Maintain and update the Risk and Control Matrix (RCM) inventory, process maps, and manage change protocols to reflect current operational realities.
- Coordinate stakeholder reviews, approvals, and maintain version control of risk and control documentation.
Experience and Skills Required
- At least 8 years of experience in technology risk management, IT controls, operational risk, RCSA execution, control testing, internal audit, or related areas.
- Deep understanding of RCSA methodologies, risk concepts, control design, testing processes, issue resolution, and remediation approaches.
- Skilled at conducting workshops and engaging stakeholders across technology, control, and risk functions.
- Proficient in reviewing and enhancing control language to improve clarity and auditability.
- Experienced in testing script assessments and improvements aligned with control objectives.
- Familiar with governance tools including RCM inventory management, process mapping, control libraries, risk taxonomies, and change management procedures.
- Strong documentation and analytical skills with attention to detail and accuracy.
- Ability to translate complex technical technology processes into clear, risk-oriented control documentation.
- Excellent communication and stakeholder management capabilities.
- Ability to handle multiple priorities and deliver high-quality output on schedule.
Preferred Certifications
- Certifications such as CISA, CRISC, CIA, CISM, CISSP, CGEIT, COBIT, ITIL, ISO 27001 or applicable cloud security certifications are favored.
Additional Information
This contract role is fully remote within the United States and requires a thorough knowledge of IT risk domains including access and change management, cybersecurity, infrastructure, applications security, data protection, IT operations, and third-party technology risk management.