Risk Analyst - 2LoD Controls Testing and Oversight
About the role
The Governance & Control Analyst III provides specialized business governance and control guidance and support for a business or functional area and implements policies/processes and/or initiatives to meet business governance and control objectives. This role may provide complex reporting, analysis, testing and assessments at the functional or enterprise level and is generally a lead or SME for a given area/function.
Responsibilities
- Execute independent 2LOD testing of business and technology controls, including test planning, fieldwork, and documentation
- Execute independent testing in the following areas: Control Design & Operating Effectiveness, Transactions Testing, Data Reconciliations, Logic Reperformance, Data Profiling/Analytics, End-User Computing (EUC), Review, Policy & Procedure Review, Governance/Oversight, and Regulatory Rule Compliance
- Identify opportunities to streamline and automate controls testing (where appropriate), including through the use of generative AI, agentic AI, and RPIS
- Support maintenance of the testing inventory and update the testing universe and test plans based on regulatory developments and changes in the internal risk profile
- Partner with business and technology stakeholders to discuss key controls, potential control gaps, root causes, and remediation plans
- Audit processes and controls end-to-end and connect themes across issues to drive standardization of solutions, processes, and control design
- Monitor emerging risk and regulatory trends, identify issues and opportunities, and recommend actions to management
- Manage deliverables proactively and provide clear, timely status updates, risks, and dependencies to management
- Perform ongoing risk analysis, escalate concerns appropriately, and support concise reporting for internal governance and regulatory needs
Requirements
Bachelor’s degree required; advanced degree and/or relevant certifications (e.g., CRISC, CISA, CIA, CPA, FRM, CFA) a plus
2+ years of experience in operational risk, risk management, internal audit, compliance testing, or related roles within financial services
Knowledge of financial services industry products and related reporting
Business Banking experience is an asset
Ability to interpret guidelines, standards, policies, and analysis results to inform decisions and provide effective challenge at senior levels
Strong attention to detail and a demonstrated ability to identify root causes behind issues and observations
Strong analytical, problem-solving, and organizational skills
Confidence to challenge the status quo and navigate difficult conversations with professionalism and tact
Strong written and verbal communication skills, with the ability to build and maintain effective working relationships across functions
Physical Requirements: Performing sedentary work – Continuous; Performing multiple tasks – Continuous; Operating standard office equipment – Continuous; Responding quickly to sounds – Occasional; Sitting – Continuous; Standing – Occasional; Walking – Occasional; Moving safely in confined spaces – Occasional; Lifting/Carrying (under 25 lbs.) – Occasional; Lifting/Carrying (over 25 lbs.) – Never; Squatting – Occasional; Bending – Occasional; Kneeling – Never; Crawling – Never; Climbing – Never; Reaching overhead – Never; Reaching forward – Occasional; Pushing – Never; Pulling – Never; Twisting – Never; Concentrating for long periods of time – Continuous; Applying common sense to deal with problems involving standardized situations – Continuous; Reading, writing and comprehending instructions – Continuous; Adding, subtracting, multiplying and dividing – Continuous
Qualifications
Undergraduate degree preferred
Broad knowledge of business and risk and control environment
4+ years of relevant experience
Solid knowledge of governance, risk and control procedures, strategies & tactics
Knowledge of current and emerging trends
Skills in using analytical software tools, data analysis methods and reporting techniques
Skills in using computer applications including MS Office
Ability to communicate effectively in both oral and written form
Ability to work collaboratively and build relationships
Ability to work successfully as a member of a team and independently
Ability to exercise sound judgment in making decisions
Ability to analyze, research, organize and prioritize work while meeting multiple deadlines
Ability to process and handle confidential information with discretion
Additional Responsibilities: Execute independent 2LOD testing of business and technology controls, including test planning, fieldwork, and documentation
Execute independent testing in the following areas: Control Design & Operating Effectiveness, Transactions Testing, Data Reconciliations, Logic Reperformance, Data Profiling/Analytics, End-User Computing (EUC), Review, Policy & Procedure Review, Governance/Oversight, and Regulatory Rule Compliance
Identify opportunities to streamline and automate controls testing (where appropriate), including through the use of generative AI, agentic AI, and RPIS
Support maintenance of the testing inventory and update the testing universe and test plans based on regulatory developments and changes in the internal risk profile
Partner with business and technology stakeholders to discuss key controls, potential control gaps, root causes, and remediation plans
Assess processes and controls end-to-end and connect themes across issues to drive standardization of solutions, processes and control design
Monitor emerging risk and regulatory trends, identify issues and opportunities, and recommend actions to management
Manage deliverables proactively and provide clear, timely status updates, risks, and dependencies to management
Perform ongoing risk analysis, escalate concerns appropriately, and support concise reporting for internal governance and regulatory needs