It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
The IT Compliance Analyst is critical to Simmons’ IT program. The IT Compliance Analyst is involved in the development, assessment, and maintenance of IT internal controls. The individual is also tasked with documentation, oversight, and/or management of self-identified issues within the IT department. The individual is responsible for understanding the IT general controls frameworks and requirements of a stable IT organization as well as understanding the risks that are relevant to reporting and assessing IT controls.
Essential Duties and Responsibilities
Coordinate with IT control owners to document, maintain and perform IT control activitiesPerform inquiries and author narratives in the satisfaction of the control expectations contained within the Cyber Risk Institute’s Cyber Profile v2.0Assist with the identification of key risk exposures within the IT department and bank in generalWork with management to provide insight into potential IT risks and process improvements to support qualitative/quantitative improvements in IT control operations to eliminate deficiencies/improve processes/controlsEffectively communicate a clear and concise overview of information security risk exposures and escalate as appropriateDocument issue descriptions and remediation plans for key risk exposures within the IT departmentEstablish accountability with risk exposure owners and track open IT findings/issues to timely resolutionServe as liaison between the functional units inside the IT department and various internal & external stakeholders including, but not limited to the Chief Risk Officer’s enterprise-level Risk Management organization, internal and external IT auditors, state & federal regulators and other privacy & compliance assessorsOther projects, as assigned, including cross-training in the other roles within the IT Risk Management team and providing periodic cross-functional support as needed
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Skills
Demonstrated knowledge of IT internal control concepts and auditing standardsExperience with CRI Cyber Profile v2.0 or other relevant IT frameworks such as ITIL, COBIT, and NISTDemonstrated experience with IT documentation and governance processesExperience with Governance, Risk and Compliance (GRC) software and processesDeep understanding of the full stack of technologies governed by IT controls including applications, databases, operating systems and network management systemsExposure to information security best practices especially as it pertains to cyber security and data loss preventionWorking knowledge of common IT general controls topics including user administration, security, change management, batch processing, robotic processing automation, and other emerging risksPrevious Banking or Financial Service industries experience is a plus
Education and/or Experience
Bachelor's Degree in Information Technology, IT Security, IT Audit or related field OR 2 additional years of directly related IT and/or IT audit experienceCISA Certification or similar (CISSP, CGEIT, CRISC, etc.) IT security and/or IT audit certification is preferred6+ years relevant experience
Other Qualifications (including physical requirements)
Proficient in use of desktop software, including Microsoft Office suiteMust possess excellent telephone and videoconferencing skills to enable live collaboration in a distributed teamStrong organizational, problem solving, and planning skills with the ability to set prioritiesAbility to work independently with limited supervisory inputMay be requested to travel between the DFW, TX & Little Rock, AR areas up to 5% per year
Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications. Simmons First National Corporation and its subsidiaries are committed to Affirmative Action Programs consisting of results-oriented procedures to ensure equal employment opportunities. These programs require positive action in lieu of neutral non-discrimination and merit hiring/performance policies.