Senior It Risk & Compliance Analyst

Introduction
Since 1973, East West Bank has served as a pathway to success. With over 120 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates' potential for career advancement.
Headquartered in California, East West Bank (Nasdaq: EWBC) is a top performing commercial bank with an exclusive focus on the U.S. and Greater China markets. With a strong foundation, and enterprising spirit and a commitment to absolute integrity, East West Bank gives people the confidence to reach further.
Overview
East West Bank is seeking a Senior IT Risk & Compliance Analyst to join our IT Governance, Risk and Compliance (GRC) team. The IT Risk Professional will work with East West Bank's 1st line management to identify, assess, monitor technology and security risks and controls. In support of this mission, the IT Risk Professional will provide guidance to management to establish controls, implement risk mitigation measures, and support of continuous review and improvement initiative. The IT Risk Professional will serve as the lead reviewer focused on risk identification and will lead the completion of regular control assessments (testing).
Responsibilities

• Oversee and participate in the governance, risk management and compliance of technology-driven processes within the organization.
• Assist management in identifying, assessing (testing) and monitoring technology and security risks and controls.
• Collaborate with process owners to create process narratives, risk and control matrices and flowcharts; identifying opportunities to improve business processes and internal controls using your knowledge, prior experiences, and leading practices.
• Assess the adequacy and effectiveness of controls within technology related process/risk areas across the organization to conclude on design and operating effectiveness of key controls.
• Conduct reviews of Risk and Control Self-Assessments (RCSAs).
• Support 2nd and 3rd line with the risk management activities and audits, with a focus on technology and security risk areas.
• Oversee and monitor project status and reporting; proactively identifying project risks, roadblocks, or scope creep and communicating them timely. Perform timely review of project deliverables to ensure alignment with management and audit requirements.
• Advise management as an SME on regulatory and corporate policies compliance issues.
• Provide timely, open, honest, and constructive feedback to team members; seeking out ways to create extraordinary development opportunities.
• Balance competing priorities with minimal disruptions, managing time effectively to maintain project progress

Qualifications

• Bachelor's degree or higher in Information Systems, Computer Science, Security or related and or equivalent combination of work experience.
• Minimum of 3-5 years of operations and technology governance, risk management, compliance, and audit.
• Expert knowledge of one or more of the more following compliance standards and frameworks: COBIT, NIST, GLBA, SOX, PCI ISO17999, & ISO27001.
• Professional certification of CPA, CIA, CISA, CISM, CISSP or similar preferred.
• Expert knowledge of risk management tools and methodologies.
• Proficient in the design and implementation of effective information security and technology controls.
• Ability to re-engineer processes to improve governance, risk management and compliance practices with minimal oversight.
• Experience with regulatory exams, SOX, and internal & external audits.
• Ability to communicate effectively, clearly, and concisely - also able to assess situations and ensure responses are well suited to various business situations.
• Ability to work collaboratively and independently.
• Demonstrated experience in developing and maintaining effective relationships with senior and mid-level management.
• Detail oriented with strong organizational and prioritization skills.
• Strong communication and writing skills.
• Ability to perform multiple projects simultaneously.
• Experience with GRC / Project Management tools like ServiceNow, Predict360 and Jira.
• Working knowledge of Microsoft Word, Excel, PowerPoint, Visio.

Compensation
The base pay range for this position is USD $90,000.00/Yr. - USD $120,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location.