USNLX Diversity Jobs

Job Information

Washington Federal IT Risk and Compliance Analyst in Seattle, Washington

IT Risk and Compliance Analyst

Location: US-WA-Seattle
Address: 425 Pike Street
City: Seattle
State/Province: WA
ID: 2024-2985
Category: Technology
Position Type: Full Time
Min: USD $80,000.00/Yr.
Max: USD $100,000.00/Yr.

Job Summary

We are seeking an experienced IT Risk and Compliance Analyst to join our team at WaFd Bank. In this role, you will support the organization's IT risk management and compliance programs. This includes identifying, assessing, and mitigating risks to the IT environment and ensuring compliance with relevant regulations, standards, and policies. The role also involves collaborating with various stakeholders to implement and maintain a robust IT governance framework. Along with the key functions listed below, this position will be expected to uphold the value WaFd Bank places on simply being nice when servicing our colleagues and clients.

ROLE AND RESPONSIBILITIES

Risk Management: Develop, support, and maintain an IT risk management framework, including policies, procedures, and control mechanisms, to identify, assess, mitigate, and monitor IT risks across the organization. Conduct regular risk assessments, gap analyses, and control testing to evaluate the effectiveness of IT controls and identify potential threats to the IT environment and areas for improvement. Collaborate with IT, business units, and other stakeholders to implement risk mitigation strategies and remediation plans for identified control deficiencies. Provide support with third-party risk management activities and administration, including compliance documentation collection, contract reviews, contract negotiation, and technology cost analysis. Monitor and report on the effectiveness of risk management activities. Design, build, and maintain key risk and performance indicators to help measure the department's effectiveness in managing technology risk and service delivery.

Compliance: Ensure IT processes adhere to and maintain compliance with relevant laws, regulations, and industry standards (e.g., FFIEC, GLBA, SOX), data privacy regulations (e.g., CCPA), and cybersecurity frameworks (e.g., NIST). Stay current with changes in relevant laws, regulations, and industry best practices and ensure the organization remains compliant. Perform regular compliance reviews and assessments. Help coordinate with internal and external auditors, providing necessary documentation and helping IT control owners address audit findings. Facilitate the reviews of IT Audit Management Responses with the IT Leadership team. Develop and maintain IT compliance documentation, including policies, procedures, and guidelines. Adhere to bank policies and procedures designed to comply with Federal regulations, including but not limited to the Bank Secrecy Act, USA Patriot Act and OFAC regulations. To that end, ensure timely and accurate preparation of Currency Transaction Reports, Suspicious Activity Reports and other recordkeeping requirements.

Governance: Assist in the development and maintenance of the IT governance framework. Monitor adherence to IT governance policies and procedures and report non-compliance. Develop and deliver training programs to educate employees on IT risk management and compliance practices.

Incident Management: Assist in the investigation and review of IT incidents and problems. Coordinate with stakeholders to implement corrective actions and preventive measures. Conduct Post Incident Reviews and follow up on remediation activities and reporting.

Internal Controls:
