This role is an integral part of the Compliance Department and will regularly interact with each of OCC’s business departments. The Senior Compliance Officer (IT) will take a lead role in the initial development and implementation of the IT Compliance program, which includes IT process and control development, risk identification, predictive compliance monitoring, and control testing. The Compliance Officer will also be responsible for recommending enhancements to the performance, integrity, and compliance of the organization's IT processes. This role is highly focused on reviewing the organization's compliance with applicable regulatory and legal rules and requirements (e.g., SEC, CFTC, Federal Reserve, etc.) as they relate to technology.
Essential Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
• Contribute to the development and maintenance of Compliance Department policies and procedures
• Participate in the annual assessment of the Compliance Program and assist with the remediation of deficiencies and implementation of process improvements
• Contribute to the development and maintenance of the Regulatory Framework
• Participate in or lead compliance programs, projects, system implementations, or OCC initiatives
• Contribute to the preparation of the Annual Compliance Report
• Act as an advisor in compliance matters with OCC
• Assist the business in evaluating new products, key business initiatives, significant technology, and systems to ensure compliance with policy, laws, and regulations
• Provide guidance to business and compliance staff regarding regulatory agency interactions and examinations
• Provide guidance and recommendations on the development of effective monitoring techniques
• Keep abreast of changes in the regulatory environment and advise the business of new requirements and trends
• Interpret policies, laws, and regulations and assist the business in determining applicability and implementation strategy
• Advise the business on the effectiveness of regulatory remediation plans
• Support business departments in establishing and implementing compliance related policies and procedures to enable sound business operations.
• Contribute to the testing methodology/approach, plan and associated procedures in support of SEC, CFTC, Federal Reserve, and OCC requirements in support of risk based testing, validation testing, and risk assessments
• Apply professional principles and standards (e.g., NIST, COBIT 5, ISO, etc.) to test and evaluate compliance of technology infrastructure.
• In some instances, coordinate testers and monitors to ensure timely completion.
• Provide status on progress of testing and escalate potential delays.
• Execute testing against defined criteria and perform review of supporting evidence.
• Prepare reports and present results of risk based testing to Compliance Management
• Escalate material findings to Compliance Management
• Assist in the analysis of findings to identify themes and trends
• Assist business and IT with creating and developing remediation plans for any identified regulatory gaps or deficiencies
• Identify, assess and report on the compliance risks associated with OCC's current and proposed business activities by reviewing the results of routine compliance risk assessments
• Potential oversight/leadership of the daily activities of the Compliance Officers on a project by project basis.
Qualifications: The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Broad knowledge of applicable regulatory, legal rules and requirements (e.g., SEC, CFTC, Federal Reserve, etc.).
- Strong technical skills, with particular emphasis on knowledge and practical application of federal securities laws, rules, regulations.
- Possesses proficiencies with the use of risk and control frameworks, and process improvement models (e.g. COBIT 5, COSO, ITIL, NIST, ISO 27001, ISO 9001, CMM)
- Familiarity with Systems Development Life Cycle (SDLC) process
- Ability to cultivate and build working relationships
- Comprehensive analytical, conceptual, and problem solving skills.
- Ability to work independently and as a member of a team, collaborating with internal business clients from different departments and at various levels of seniority.
- Ability to manage and prioritize assignments and respond to rapidly shifting priorities.
- Excellent organizational, written and oral communication skills.
- Demonstrated success in leading information technology, compliance or regulatory reviews/audits and implementing best practices.
- Demonstrated ability to gather, analyze, and evaluate facts and prepare and present concise oral and written reports.
- Must be proficient in the Microsoft Office Applications
- Experience with Governance, Risk and Compliance tools (e.g., eGRC) a plus
- Experience with document management tools (e.g., DMS, PolicyTech) a plus
Education and/or Experience
- Bachelor's degree or equivalent required (Degree in Computer Science or related field a plus)
- 5 plus years in Compliance, Risk Management, or Audit related field required
- Experience with the development of policies and procedures required
- Experience in IT governance
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
You will receive an email notification to confirm that we've received your application.
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
OCC is an Equal Opportunity Employer
OCC is the world's largest equity derivatives clearing organization and the foundation for secure markets. Founded in 1973, OCC operates under the jurisdiction of both the U.S. Securities and Exchange Commission (SEC) and the U.S. Commodity Futures Trading Commission (CFTC). OCC now provides [...]