Risk Information Technology and Data Analyst - Senior Analyst

About the position

At Regions, the Risk Information Technology and Data Analyst is a key member of the Innovation and IT and Data Risk Management organization and performs activities consistent with the second line of defense. This position will influence enterprise innovation and conduct IT and Data risk identification, measurement, mitigation, monitoring, and reporting activities in accordance with the enterprise strategy and enterprise risk appetite. The role is essential in ensuring that the organization effectively manages risks associated with information technology and data, thereby safeguarding the integrity and security of sensitive information. The analyst will assist in conducting key tasks and/or projects to perform IT and Data Risk Assessments, Advisory Reviews, Project Assessments, 3rd Party Testing, and other project reviews as identified across all aspects of Information Technology and Data. This includes application development, cyber security, enterprise architecture, business continuity and disaster recovery, data governance, data quality, and change management. The analyst will remain abreast of innovative business and technology trends in IT and Data security, risk, security, and controls, advising leadership on technology and data initiatives that support these trends. In addition, the analyst will manage relationships with key stakeholders within strategic business groups and technology to ensure effective execution of the risk management framework. They will perform deep dives on IT and Data security-related processes and systems, identifying applicable regulatory risks from changes or releases to regulatory guidance and requirements, providing subject matter expertise for resolution and risk mitigation. The role also involves developing, tracking, and reporting on Key Risk Indicators (KRI's) for Information Technology, monitoring, tracking, and reporting mitigation and resolution of IT and Data risk issues, and developing and managing reporting to effectively communicate key risks, findings, and recommendations for improvement to key stakeholders.