GM Financial Arlington , TX 76004
Posted 2 weeks ago
Overview
Why GMF Technology?
GM Financial is set to change the auto finance industry and is leading the path of embarking on tech modernization - we have a startup mindset, and preserve our small company culture, in a public company environment with financial stability and intense growth over a decade-long history. We are data junkies and trust in data and insights to advance our business objectives.
We take our goal of zero emission, zero collision, zero congestion, and zero friction very seriously. We believe as the auto finance market leader we are in the driver's seat to lead us in the GM EV mission to change the world.
We are building global platforms, LATAM, Europe, China - and we are looking to grow our high-performing team. GMF is comprised of over 10,000 team members globally. Join our fintech culture within a Blue-Chip company where we are changing the way we use technology to support our customers and business.
Responsibilities
About the role:
The IT Risk Analyst is responsible for proactively and independently recognizing, assessing and documenting risk assessments report data for GMF. This team member is responsible for the assessment document gathering and development, monitoring, tracking and drive continuous risk improvements across the enterprise. This role is integral in identifying, mitigating both inherent and residual risks, performing risk assessments of applications, infrastructure, business and technology against GMF's defined risk management framework. The position's overall responsibility is evaluating business and IT risk, communicate findings, recommendations and mitigation plans in a timely and precise manner. The ideal candidate should be passionate about continuing to build an IT Risk Management and Assessment program, willing to adapt to a changing environment and the ability to articulate complex issues to management. Understand, communicate, and commit to the organization's vision, goals and strategies relating to risk, governance and compliance. The Sr IT Risk Analyst will work to improve the overall posture of Information Technology Risk at GM Financial.
JOB DUTIES
Schedule and perform IT risk and gap assessments using risk methodology; identify and document control deficiencies in business processes and technology systems
Develop and execute compliance reviews to evaluate the effectiveness of general controls and operating processes, including documentation, presentations and action plan remediation assistance
Work with business to understand the potential risk findings identified through the risk assessment process
Provide risk remediation recommendations that the business and IT may implement to mitigate the identified control gaps
Evaluate management and document owner responses to ensure that remediation plans and tasks adequately address identified control gaps
Document risk issues in a designated risk register
Participate in and influence information risk continuous process improvement
Develop strong partnerships across our organization
Strong interaction and collaboration with project management and technical teams to convey risk mitigation requirements
Assist with repeatable data collection processes to drive consistent measurement and reporting of risk metrics
Leverage data to identify emerging risks, process improvements, and/or areas requiring increased risk focus
Develop business specific key risk and key performance indicators to keep pulse on significant risks within the line of business
Provide services to IT personnel in the development of policy, standard, and process
Analyze and interpret audit request to provide consultation and expert advice on how to formally respond and remediate issues
Maintain GMF's IT risks, controls, policies, standards and action plans using the Governance, Risk and Compliance systems (GRC)
As the Sr IT Risk Analyst, you will provide leadership and subject matter expertise to ensure risk is being identified and reviewed within GMF and compliant with company security policies and practices
Utilize a risk based approach to set requirements for recommended remediation
Work with internal project managers and security architects and engineers in determining if new designs and projects will expose data, risk or threats
Actively participate in IT governance committees across GMF
Perform other duties as assigned
Conform with all company policies and procedures
Qualifications
What makes you a dream candidate?
Knowledge
Advanced working knowledge of financial industry best practices and concepts, as it relates to IT and the financial industry sector
Proficient in the use of Microsoft Office products (Excel, PowerPoint, Word, Access, Visio)
Knowledgeable in industry laws and regulations governing GMF (eg SOX)
Knowledge of principles and procedures involved in handling sensitive data
High integrity and business ethics
Knowledge of enterprise Governance, Risk and Compliance systems (eg, Archer)
Proficient knowledge of enterprise policies and standards
Skills
Detail oriented, self-motivated, work with little supervision, timely completions of projects, adapts to changing priorities
Strong ability to influence through discussions and presentations to all levels of stakeholders
Can articulate business requirements and functional risk specifications clearly, as well as listen to and considers others' ideas and expertise for risk resolution
Exhibit effective written and oral communication, to convey information in a clear and concise manner
Work efficiently and effectively, with the ability to work through stressful situations
Ability to analyze relevant and complex data and information into risk requirements
Superior organizational and time management skills
Ability to work independently and make sound decisions while meeting time sensitive deadlines
Experience and Education
5-7 years in technology, specifically focused in IT Risk Assessments, Compliance and Internal Audit, reviewing and testing controls as integral components of risk and compliance identification required
Extensive experience analyzing enterprise-wide risk and executing mitigation plans accordingly required
Experience writing user documentation required
Financial Services industry experience preferred
Bachelor's Degree in related field or equivalent work or military experience required
CRISC, CISA, CIPP certification preferred
What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
Our Culture: Our team members define and shape our culture - an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.
Compensation: Competitive pay and bonus eligibility.
Work Life Balance: Flexible hybrid work environment, 2 days a week in the office.
#LI-Hybrid
#LI-SG1
GM Financial