IT Compliance Analyst III

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.
The IT Compliance Analyst is critical to Simmons' IT program.
The IT Compliance Analyst is involved in the development, assessment, and maintenance of IT internal controls.
The individual is also tasked with documentation, oversight, and/or management of self-identified issues within the IT department.
The individual is responsible for understanding the IT general controls frameworks and requirements of a stable IT organization as well as understanding the risks that are relevant to reporting and assessing IT controls.

Essential Duties and Responsibilities
Coordinate with IT control owners to document, maintain and perform IT control activities
Perform inquiries and author narratives in the satisfaction of the control expectations contained within the Cyber Risk Institute's Cyber Profile v2.0
Assist with the identification of key risk exposures within the IT department and bank in general
Work with management to provide insight into potential IT risks and process improvements to support qualitative/quantitative improvements in IT control operations to eliminate deficiencies/improve processes/controls
Effectively communicate a clear and concise overview of information security risk exposures and escalate as appropriate
Document issue descriptions and remediation plans for key risk exposures within the IT department
Establish accountability with risk exposure owners and track open IT findings/issues to timely resolution
Serve as liaison between the functional units inside the IT department and various internal & external stakeholders including, but not limited to the Chief Risk Officer's enterprise-level Risk Management organization, internal and external IT auditors, state & federal regulators and other privacy & compliance assessors
Other projects, as assigned, including cross-training in the other roles within the IT Risk Management team and providing periodic cross-functional support as needed
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
The requirements listed below are representative of the knowledge, skill, and/or ability required.

Skills
Demonstrated knowledge of IT internal control concepts and auditing standards
Experience with CRI Cyber Profile v2.0 or other relevant IT frameworks such as ITIL, COBIT, and NIST
Demonstrated experience with IT documentation and governance processes
Experience with Governance, Risk and Compliance (GRC) software and processes
Deep understanding of the full stack of technologies governed by IT controls including applications, databases, operating systems and network management systems
Exposure to information security best practices especially as it pertains to cyber security and data loss prevention
Working knowledge of common IT general controls topics including user administration, security, change management, batch processing, robotic processing automation, and other emerging risks
Previous Banking or Financial Service industries experience is a plus

Education and/or Experience
Bachelor's Degree in Information Technology, IT Security, IT Audit or related field OR 2 additional years of directly related IT and/or IT audit experience
CISA Certification or similar (CISSP, CGEIT, CRISC, etc.) IT security and/or IT audit certification is preferred
6+ years relevant experience
Other Qualifications (including physical requirements)
Proficient in use of desktop software, including Microsoft Office suite
Must possess excellent telephone and videoconferencing skills to enable live collaboration in a distributed team
Strong organizational, problem solving, and planning skills with the ability to set priorities
Ability to work independently with limited supervisory input
May be requested to travel between the DFW, TX & Little Rock, AR areas up to 5% per year
Equal Employment Opportunity Information:
Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications.
Simmons First National Corporation and its subsidiaries are committed to Affirmative Action Programs consisting of results-oriented procedures to ensure equal employment opportunities.
These programs require positive action in lieu of neutral non-discrimination and merit hiring/performance policies.