IT Risk QA Senior Analyst

The SouthState story is one of steady growth, deep community roots, and an unwavering commitment to helping our customers move forward. Since our beginnings in the 1930s to becoming a trusted financial partner across the South and beyond - we are known for combining personal relationships with forward-thinking solutions.

We are committed to helping our team members find their success while maintaining the integrity of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to achieve their greater purpose. Your future begins here!

Summary

Under the direction of the IT Quality Assurance (QA) Risk Manager, the IT Risk QA Senior Analyst is responsible for supporting the development and execution of QA processes to ensure the effectiveness of IT risk controls, cybersecurity measures, and regulatory compliance frameworks. This role will involve conducting independent testing and validation of IT risk management policies, standards and controls to ensure alignment with FFIEC, NIST, GLBA, SOX, PCI-DSS, and other industry regulations. By leveraging best practices, the IT Risk QA Senior Analyst will help perform control testing, improve risk monitoring and foster a culture of continuous improvement in the IT Risk Management space. This is a hybrid position based out of our McKinney, TX office.

Duties & Responsibilities

• Performs controls testing including walkthroughs, design, and operating effectiveness testing per the Bank’s Enterprise Risk Management (ERM) Management Control Monitoring Program guidelines.

• Assist IT Control owners to obtain issue remediation action plans, track and report status of remediation actions, including maintaining dialogue with the business to ensure timely remediation of issues.

• Compile, manage, submit and socialize required monthly, quarterly or annual reporting including test results, dashboards and/or testing issue remediation status.

• Assist IT Risk Management with performing root cause analysis on control failures and recommend corrective actions to management

• Assist with control projects, operational and/or IT risk initiatives, where directed.

• It is the responsibility of this role to take ownership of all tasks and challenges that they encounter in the operation of their assigned position.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 

Qualifications

Education Requirements

• Bachelor’s in Information Technology, Computer Science, Risk Management, or related field or equivalent work experience.

Minimum Experience

• 3 years of IT governance, IT risk, or IT Internal audit experience in banking or financial services. At least 1 year in IT field (preferred)

Licenses & Certifications

• High level Understanding of assurance-based activities including Information Technology controls related to Job Scheduling, Access and Change Management testing

• Strong computer skills (Microsoft Word, Excel, and PowerPoint)

Knowledge, Skills, & Abilities

• Current working knowledge of risks related to IT General Controls (ITGCs), application controls, IT platforms and related technologies.

• Highly organized with exceptional attention to detail and follow-through.

• Excellent stakeholder management, with the ability to engage with IT stakeholders.

• Knowledge of distributed platforms, operating systems, databases, network systems, web-based technology, infrastructure, and IT security tools and techniques.

• Task management and adaptability

Physical Demands and Work Environment

Physical Demands

• Ability to communicate in person, on the phone, and through electronic channels

• Ability to use a computer on a frequent basis, including typing and sustained attention to a monitor

• Ability to sit, walk, and/or stand for extended periods of time

• Ability to bend and reach

Work Environment

• Office: This position reports to a physical Company location, and the setting will be a typical office environment.

• Remote or hybrid: For remote or hybrid positions, a secure and distraction-free setting is required, with a reliable internet connection (cable or fiber preferred, mobile hotspots not acceptable).  Hybrid positions will report to a physical Company location, as directed by the manager, and that setting will be a typical office environment.

Equal Opportunity Employer, including disabled/veterans.