What are the responsibilities and job description for the IT Risk Quality Assurance Manager position at SouthState Bank?
As a leading bank, SouthState has been providing financial solutions to individuals, families, and businesses for more than 100 years.
SouthState team members strive to create remarkable experiences while building meaningful and lasting relationships. We are proud to be a reflection of the communities we serve, and our team members share core values that make SouthState a great place to bank, and a great place to work.
Summary/Objectives
Under the direction of the Director of IT Risk Management, the Quality Assurance Manager is responsible for supporting the development and execution of quality assurance processes to ensure the effectiveness of IT risk controls, cybersecurity measures, and regulatory compliance frameworks. This role will involve conducting independent testing and validation of IT risk management policies, standards and controls to ensure alignment with FFIEC, NIST, GLBA, SOX, PCI-DSS, and other industry regulations. By leveraging best practices, the Quality Assurance Manager will help streamline control testing, improve risk monitoring and foster a culture of continuous improvement in the IT Risk Management space. This is a hybrid position based out of our McKinney, TX office.
Essential Functions
This position would serve to take a proactive approach to risk management, include:
COMPETENCIES
Must be able to stand and/or sit for long periods of time. Must be able to effectively access and interpret information on computer screens, documents, and reports.
WORK ENVIRONMENT
Telecommuting roles no matter if hybrid or 100% full time telecommuting must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change, as new systems and technology is delivered. Travel may be required to come to meetings as needed.
#IND1
SouthState team members strive to create remarkable experiences while building meaningful and lasting relationships. We are proud to be a reflection of the communities we serve, and our team members share core values that make SouthState a great place to bank, and a great place to work.
Summary/Objectives
Under the direction of the Director of IT Risk Management, the Quality Assurance Manager is responsible for supporting the development and execution of quality assurance processes to ensure the effectiveness of IT risk controls, cybersecurity measures, and regulatory compliance frameworks. This role will involve conducting independent testing and validation of IT risk management policies, standards and controls to ensure alignment with FFIEC, NIST, GLBA, SOX, PCI-DSS, and other industry regulations. By leveraging best practices, the Quality Assurance Manager will help streamline control testing, improve risk monitoring and foster a culture of continuous improvement in the IT Risk Management space. This is a hybrid position based out of our McKinney, TX office.
Essential Functions
This position would serve to take a proactive approach to risk management, include:
- Develop and implement a robust IT Risk Management quality assurance framework based on FFIEC guidelines, NIST and other regulatory requirements.
- Establish methodologies to assess and validate IT risk controls, cybersecurity measures and compliance with financial industry regulations.
- Design and conduct independent testing and validation of IT risk controls to ensure effectiveness and compliance.
- Identify gaps in IT risk controls and recommend remediation plans, ensuring timely resolution.
- Conduct root cause analysis for risk-related incident and assess the adequacy of controls to prevent reoccurrence.
- Support regulatory audits and examinations by providing documentation, testing evidence and assurance reports.
- Perform root cause analysis on control failures and recommend corrective actions to management.
- Track and analyze IT risk indicators (KRIs), control effectiveness metrics and compliance gaps.
- Develop and generate risk assurance reports for IT leadership, risk committees and auditors.
- Maintain risk reporting to include tracking of audit/regulatory findings, outstanding compliance issues and requirements, risk assessment mitigations, etc. to ensure timely and comprehensive responses. As part of this reporting, a full set of Key Risk Indicators should be defined with resulting action plans.
- Work with business stakeholders and other subject matter experts to assess current documentation, understand high-level business processes and apply technical background/understanding in the development of policies, procedures, workflows, and other documentation.
- Accepts other duties as assigned.
COMPETENCIES
- Strong interpersonal skills to work effectively with all levels of management
- Provision and proactive problem solving
- Data organization and analysis
- Task management and adaptability
- Strong communication/presentation, critical thinking, and influencing skills
- Education: Bachelors or higher degree required
- Job Requirements:
- 5 years in a risk-related position
- At least 3 years in IT field (preferred)
- Certifications/Specific Knowledge:
- Working knowledge of FFIEC, NIST, GLBA, SOX, PCI-DSS
- Skilled in Microsoft Excel and PowerPoint
- Project management experience strongly recommended
- New employee orientation
- Required annual compliance training
- On-going risk training, & cross-departmental training
Must be able to stand and/or sit for long periods of time. Must be able to effectively access and interpret information on computer screens, documents, and reports.
WORK ENVIRONMENT
Telecommuting roles no matter if hybrid or 100% full time telecommuting must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change, as new systems and technology is delivered. Travel may be required to come to meetings as needed.
#IND1
