Policy Governance Analyst
3.
2 Midlothian, VA Midlothian, VA Full-time Full-time Estimated:
$60.
1K - $76.
1K a year Estimated:
$60.
1K - $76.
1K a year
Job Description:
PRIMARY FUNCTION:
The Policy Analyst is a primary contributor to VACU's Governance and Risk Program, assisting with the development, review, and maintenance of organizational policies, frameworks, methodologies, programs and processes.
The Policy Analyst partners with business-unit process/risk owners and experts to ensure controls are in place and effective to ensure practices align with VACU's risk appetite.
JOB DUTIES AND
Responsibilities:
Establish, update and maintain enterprise policies and practices aligned with regulatory requirements and security/risk frameworks, and commensurate with the organization's size and complexity.
Ensure that developed policies, standards, and procedures reflect applicable regulatory requirements and supervisory guidance.
Engage and collaborate with senior leaders, key stakeholders, and individuals across the businesses and functions on policy development, review, and implementation.
Proactively identify improvement opportunities in the policy development and review processes.
Collaborate with Risk and Control Analyst to identify opportunities to align policies, procedures, and controls associated with products and processes to reduce risk throughout VACU.
Support audits and exams by responding to requests for current policies.
Keep abreast of changes to the regulatory landscape and evolving laws Consistently apply industry best practices and recognized security and risk frameworks to the integration of policy, processes and technology to establish robust documentation providing appropriate direction and boundaries for employees.
Collaborate with the policy and procedure owners throughout the organization to create, establish and maintain, to the extent feasible, consistency and compatibility throughout VACU.
Partner with policy owner to identify and resolve gaps and discrepancies between policies and procedures.
Administer Policy Documentation Library (SharePoint).
Other duties may be required and assigned by the supervisor.
Comply with all VACU published policies and procedures.
Report policy violations as required.
Complete all required training as assigned.
JOB
Qualifications:
.
Knowledge and
Experience:
Significant, demonstrated direct experience creating and implementing written, standards-based policies and procedures in a highly regulated environment; financial services industry experience strongly preferred.
Demonstrated experience supporting enterprise information management, enterprise risk management and/or general governance functions.
Demonstrated experience in business or technical writing, including creation and implementation of formal policy and procedure documentation.
Strong working knowledge of general banking practices, risks and internal controls, and related standards and regulations (e.
g.
NCUA, FFIEC, COSO, CFPB).
Experience in gap analysis and identification of appropriate mitigation strongly preferred.
Experience working in a fast-paced, compliance-oriented, risk management, service function.
Demonstrated knowledge of IT controls and their application to policy/procedural development, including familiarity with one or more of the following is a plus:
FFIEC and/or NCUA IT Handbooks and requirements; Center for Internet Security's Critical Security Controls (CIS CSC); Payment Card Industry (PCI) standards; or NIST Cybersecurity Framework.
Skills and Abilities:
Advanced computer skills, including excellent proficiency with Microsoft Office applications (Word, Excel, Outlook); strong working knowledge of MS SharePoint, to include creating/editing/managing SharePoint Document Libraries.
Excellent writing skills with ability to make complex information easily understood by all audiences.
Strong written and verbal communication skills, including proper grammar and spelling.
Interacts confidently, tactfully, and professionally across all levels of the organization, including upper management, technical teams, and employees at large.
Ability to independently research, interpret, and apply regulatory requirements and industry-standard best practices to technical and business practices.
Excellent analytical skills to identify gaps, trends, and applicability.
Self starter with excellent planning, documentation, and organizational skills Proactive, flexible, diplomatic and resourceful in overcoming challenges, collaboratively crafting workable solutions and achieving value-driven outcomes Minimum Education:
Bachelor's degree required, preferably in, Risk Management, Business Management, Public Administration, Business Analytics, Information Management, or a related field; technical training, certifications, or prior work experience may be considered in lieu of bachelor's degree.
Demonstrated experience in business or technical writing, including creation and implementation of formal policy and procedure documentation.
Relevant professional certification(s) in risk management or internal control (e.
g.
RIMS-CRMP, PMI-RMP, IIA-CIA, IIA-CRMA COSO-ERM, CUNA-CUERME, etc.
) beneficial PHYSICAL REQUIREMENTS:
This job requires the ability to sit for long periods of time.
This job requires occasional lifting or carrying of objects up to 20 pounds.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
2 Midlothian, VA Midlothian, VA Full-time Full-time Estimated:
$60.
1K - $76.
1K a year Estimated:
$60.
1K - $76.
1K a year
Job Description:
PRIMARY FUNCTION:
The Policy Analyst is a primary contributor to VACU's Governance and Risk Program, assisting with the development, review, and maintenance of organizational policies, frameworks, methodologies, programs and processes.
The Policy Analyst partners with business-unit process/risk owners and experts to ensure controls are in place and effective to ensure practices align with VACU's risk appetite.
JOB DUTIES AND
Responsibilities:
Establish, update and maintain enterprise policies and practices aligned with regulatory requirements and security/risk frameworks, and commensurate with the organization's size and complexity.
Ensure that developed policies, standards, and procedures reflect applicable regulatory requirements and supervisory guidance.
Engage and collaborate with senior leaders, key stakeholders, and individuals across the businesses and functions on policy development, review, and implementation.
Proactively identify improvement opportunities in the policy development and review processes.
Collaborate with Risk and Control Analyst to identify opportunities to align policies, procedures, and controls associated with products and processes to reduce risk throughout VACU.
Support audits and exams by responding to requests for current policies.
Keep abreast of changes to the regulatory landscape and evolving laws Consistently apply industry best practices and recognized security and risk frameworks to the integration of policy, processes and technology to establish robust documentation providing appropriate direction and boundaries for employees.
Collaborate with the policy and procedure owners throughout the organization to create, establish and maintain, to the extent feasible, consistency and compatibility throughout VACU.
Partner with policy owner to identify and resolve gaps and discrepancies between policies and procedures.
Administer Policy Documentation Library (SharePoint).
Other duties may be required and assigned by the supervisor.
Comply with all VACU published policies and procedures.
Report policy violations as required.
Complete all required training as assigned.
JOB
Qualifications:
.
Knowledge and
Experience:
Significant, demonstrated direct experience creating and implementing written, standards-based policies and procedures in a highly regulated environment; financial services industry experience strongly preferred.
Demonstrated experience supporting enterprise information management, enterprise risk management and/or general governance functions.
Demonstrated experience in business or technical writing, including creation and implementation of formal policy and procedure documentation.
Strong working knowledge of general banking practices, risks and internal controls, and related standards and regulations (e.
g.
NCUA, FFIEC, COSO, CFPB).
Experience in gap analysis and identification of appropriate mitigation strongly preferred.
Experience working in a fast-paced, compliance-oriented, risk management, service function.
Demonstrated knowledge of IT controls and their application to policy/procedural development, including familiarity with one or more of the following is a plus:
FFIEC and/or NCUA IT Handbooks and requirements; Center for Internet Security's Critical Security Controls (CIS CSC); Payment Card Industry (PCI) standards; or NIST Cybersecurity Framework.
Skills and Abilities:
Advanced computer skills, including excellent proficiency with Microsoft Office applications (Word, Excel, Outlook); strong working knowledge of MS SharePoint, to include creating/editing/managing SharePoint Document Libraries.
Excellent writing skills with ability to make complex information easily understood by all audiences.
Strong written and verbal communication skills, including proper grammar and spelling.
Interacts confidently, tactfully, and professionally across all levels of the organization, including upper management, technical teams, and employees at large.
Ability to independently research, interpret, and apply regulatory requirements and industry-standard best practices to technical and business practices.
Excellent analytical skills to identify gaps, trends, and applicability.
Self starter with excellent planning, documentation, and organizational skills Proactive, flexible, diplomatic and resourceful in overcoming challenges, collaboratively crafting workable solutions and achieving value-driven outcomes Minimum Education:
Bachelor's degree required, preferably in, Risk Management, Business Management, Public Administration, Business Analytics, Information Management, or a related field; technical training, certifications, or prior work experience may be considered in lieu of bachelor's degree.
Demonstrated experience in business or technical writing, including creation and implementation of formal policy and procedure documentation.
Relevant professional certification(s) in risk management or internal control (e.
g.
RIMS-CRMP, PMI-RMP, IIA-CIA, IIA-CRMA COSO-ERM, CUNA-CUERME, etc.
) beneficial PHYSICAL REQUIREMENTS:
This job requires the ability to sit for long periods of time.
This job requires occasional lifting or carrying of objects up to 20 pounds.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
