What does a Senior IT Assurance Analyst do at Green Dot?
Green Dot is seeking a strong Senior IT Assurance Analyst to help form our IT Assurance team. Green Dot’s IT Assurance team reports to the Company’s VP of Information Security, GRC as part of the “Second Line of Defense.” This position will help lead the IT Assurance function which provides control assurance over Green Dot’s technology infrastructure in accordance with Company policy, regulatory requirements, and industry best practices and standards. This role will be responsible for technology and security control performance testing, including evaluation of the Company’s technology processes, infrastructure, and third-party connections in accordance with FFIEC and related industry guidance. The evaluation will result in control testing results as to whether information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals and objectives. This includes but is not limited to Cybersecurity / Information Security, Cloud Computing, Technology Operations, Business Continuity Management/Disaster Recovery, IT Governance & Strategy, Systems Development Lifecycle (SDLC), Change Management, and Data Governance. 

 
As a Senior IT Assurance Analyst, you can look forward to:

• Assuming the role of enhancing the department’s Technology Control Strategy and building upon the technology control performance testing plans and procedures. 

• Performing ongoing IT and security assessments across Green Dot’s main system environments to identify risks and critical flaws within the company’s networks, applications and operating systems. Testing the company’s internal systems and third-party connections to validate technical controls and detect any computer and information security weaknesses.  

• Configuring the controls management application within the GRC tool to source control performance testing results. 

• Developing accurate and complete control performance testing results and documentation in alignment with policy and industry frameworks. 

• Drafting clear concise control performance reports, summarize findings, and aligning comprehensive management action plans with the process owner for each testable entity. Preparing quarterly reports and present to executive committees. 

• Performing pre and post implementation reviews of Company’s strategy initiatives including identifying new/emerging risks and evaluating the impact of these risks within the overall control environment. 

• Building effective relationships and partner closely with senior technology and security leadership. 

• Providing value-added recommendations to management to improve the control environment, increase operational effectiveness or improve quality of products and services provided by the Company. 

• Acting as a subject matter expert and resource in evaluation of IT infrastructure, application controls, information security, database controls, system implementation reviews, and pre/post implementation reviews. 

• As part of IT, planning and executing test procedures including working with IT and Information Security to evaluate system and automated controls. 

• Assisting with the department’s Data Analytics and Continuous control validation programs including developing complex and repeatable data analytics techniques and identifying anomalies and exceptions. 

Ready to join us in our mission?  These are the qualifications we are looking for:

Required:

• Bachelor’s degree in Information Systems, Management Information Systems, Computer Science, Technology, or other related fields. 

• Minimum 5 years in IT security/audit/control assessment role with IT controls testing experience. Prefer 2 years leading engagements. 

• Strong understanding of auditing the following Technology disciplines: SDLC/Change Management, BCM/DR, Technology Operations, Information Security, Cloud Computing, Data Governance. 

• Experience with technology infrastructure risk, controls and technology monitoring tools, including Network Infrastructure & Architecture, O/S, Cloud Computing, and Database security control reviews. 

• Knowledge of Cybersecurity controls and industry guidance & best practices such as NIST, FFIEC, COBIT, GLBA.

• Experience with security control testing and performing security assessments. 

• General understanding of financial and information systems and processes and ability to apply that knowledge in conducting IT control performance testing. 

• Executive presence and good communication skills (written and oral). 

• Enthusiastic, self-motivated, willing to be challenged and take personal responsibility. 

• Ability to effectively prioritize multiple projects, meet deadlines, and stay within budget. 

• Ability to provide guidance to audit team peers and IT Management on IT control issues. 

• Candidates with or pursuing CISA, CISSP, or CISM certifications. 

Preferred: