Overview:
the risk analyst iii investigates and analyzes potential areas of risk to gts (and herbalife nutrition), highlighting and quantifying the risks to help drive business decisions. This role must proactively escalate potential risks to leadership and be outspoken in seeking mitigation actions. As this role progresses, the risk analyst will gain responsibility in designing and defining the risk analysis and serve as an advisor in gts.
job qualifications:
detailed responsibilities/duties:
* implement and maintain gts risk management program
* drive gts risks, controls, and compliance program
* conduct statistical analyses to determine potential risk and advise leadership
* track and maintain operational risk register
* capture data sox compliance and maintain related reports
* ensure data integrity and quality of data reporting prior to distribution
* create risk reports and dashboards for leadership
* create relevant training material and memos to support regulatory and operational compliance awareness
* coordinate with reporting analysts to communicate analysis to leadership
* coordinate with cross-functional members across gts functions to collect data
* coordinate with vendor management analyst to identify potential areas of vendor risk and drive mitigation actions
* ensures sox compliance; tracks deficiencies and drives mitigation actions
* acts as internal and external liaison with auditors
* assist in the development and ongoing review of security policies standards, and procedures in partnership with relevant gts and herbalife nutrition organizations
* serves as advisor to gts leads in terms of compliance and operational risk
* performs additional duties as assigned
supervisory responsibilities:
none
qualifications:
skills:
required
* proficient in related analysis and risk assessment tools
* sox and grc (governance, risk, and compliance) experience is a must
* communication skills to relay results of analysis
* ability to build strong relationships across various functions of gts to be able to preemptively identify and communicate risks
certificates / training:
required
* it, risk and security practices, standards and controls (e.g. Cobit, nist-csf, cis-csc, c2m2, csoe, itil).
preferred
* certified information systems auditor (cisa)
experience:
level iii
* 5+ years in it security, risk, controls, audit and regulatory compliance a related role
* preferred: management experience in an it security, risk, controls, audit and regulatory compliance setting
education:
required
* bachelor’s in computer science, risk management, or related degree
principles & related competencies:
ethical
* complies with policies and procedures; takes the high road and upholds our values; maintains confidentiality; acts with integrity, honesty and respect.
leader
* meets challenges head on to uphold quality standards, productivity goals, and values; sets an example, building a culture of trust, transparency, and open communication; is aligned with organizational direction
collaborative
* works cooperatively with others offers and accepts help; freely shares information as appropriate; open to and willing to provide feedback; strong contributor to the team’s results; celebrates the individual and the team; ability to clearly communicate.
looks beyond oneself
* (team player) demonstrates humility and willingness to recognize and give credit to others; works well alongside people of different backgrounds and ideas; builds good relationships with others; values distributors and teammates.
drives innovation
* add value through: proposing ideas and creative solutions to employee, distributor and/or customer challenges; listening to and respecting others ideas through collaborating and helping develop those suggestions; driving ideas forward to implementation.
delivers change
* delivers change through: adapting to different working environments; responding positively to change including new duties and assignments.
#j-18808-ljbffr