Risk Information Technology and Data Analyst

Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.

Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law. Such information will be stored in accordance with regulatory requirements and in conjunction with Regions’ Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system.

Job Description:

At Regions, the Risk Information Technology and Data Analyst is a key member of the IT and Data Risk Management organization and performs general activities consistent with the second line of defense, including IT and Data risk identification, measurement, mitigation, monitoring, and reporting. This position supports the implementation of Regions’ Risk Management Framework aligned with regulatory expectations (FFIEC, NIST, GLBA) and internal policies. The analyst collaborates with Technology, Cyber Security, Data and Analytics, Compliance, Business Risk Teams, and Internal Audit to proactively manage IT and Data risks.

Primary Responsibilities

• Leads IT and Data Risk Targeted Risk Assessments, Continuous Monitoring, and Testing as identified across all aspects of Information Technology and Data, including application development, cyber security, enterprise architecture, business continuity and disaster recovery, data governance, data quality, and change management, etc
• Performs core risk assessments, including the enterprise risk assessment, payment network attestations, and the cyber security risk assessment which evaluates the company’s compliance with key regulatory requirements
• Performs gap assessments to evaluate the design and effectiveness of technology and data controls aligned to regulatory and industry requirements
• Reviews and validates risk analysis work completed by junior team members
• Creates and revises IT and Data Risk Management methodology, including procedures
• Monitors trends and regulatory changes in IT and Data and advises leadership on technology and data initiatives that support these trends
• Reviews IT and Data policies and standards to ensure they align with regulations and industry best practices.
• Monitors, tracks, validates, and reports mitigation and resolution of IT and Data risk issues
• Develops and produces reporting to effectively communicate key risks, findings, and recommendations for improvement and participates in discussions of results with key stakeholders
• Performs annual planning, including staffing assessments and identifying training opportunities
• Supports exam readiness for regulatory and audit examinations including providing risk insights, collecting evidence, and preparing verbal and written materials
• Forms and maintains effective partnerships with key stakeholders within strategic business groups and technology to provide credible challenge of Technology and Data’s execution of the risk management framework
• Provides day to day guidance and mentoring to junior analysts and helps build risk awareness across technology, data, and business functions

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

Requirements

• Bachelor’s degree in related field
• Five (5) years of relevant experience in IT risk, IT audit, technology, cybersecurity, or operational risk
• Strong understanding of risk management, cybersecurity/technology, and compliance principles

Preferences

• Certifications (e.g., Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Public Accountant (CPA))
• Experience in a financial institution or public accounting
• Experience with GRC tools (e.g., Archer, ServiceNow)
• Strong understanding of key banking regulations and industry standards (e.g., FFIEC, GLBA, NIST).
• Strong analytical and communication skills with the ability to translate technical risks for business audiences.

Skills and Competencies

• Ability to adapt to quickly changing environments
• Ability to build effective partnerships
• Ability to mentor and guide less experienced team members
• Ability to research, analyze data, and derive facts
• Ability to work under pressure and meet deadlines
• Proficiency with Microsoft Products (Excel, PowerPoint, Power BI, Teams, Visio, SharePoint) and ability to learn additional systems as needed
• Strong critical thinking and problem-solving skills
• Strong verbal, written communication, and organizational skills
• Strong work ethic and self-motivation

Position Type

Full time

Compensation Details

Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job.

The target information listed below is based on the Metropolitan Statistical Area Market Range for where the position is located and level of the position.

Job Range Target:

Minimum:

$99,222.20 USD

Median:

$132,650.00 USD

Incentive Pay Plans:

This job may participate in an annual discretionary bonus plan.

Benefits Information

Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.

• Paid Vacation/Sick Time

• 401K with Company Match

• Medical, Dental and Vision Benefits

• Disability Benefits

• Health Savings Account

• Flexible Spending Account

• Life Insurance

• Parental Leave

• Employee Assistance Program

• Associate Volunteer Program

Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions’ benefits, please click or copy the link below to your browser.

https://www.regions.com/about-regions/welcome-portal/benefits

Location Details

Riverchase Operations Center

Location:

Hoover, Alabama

Equal Opportunity Employer/including Disabled/Veterans

Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting. Job postings for higher-volume positions may remain active for longer than the minimum period due to business need and may be closed at any time thereafter at the discretion of the company.