IT Asset Management Risk & Control Analyst

Experience Level: 7+ years

Enterprise Technology & Services (ETS) delivers shared technology services for the Firm supporting all business applications and end users. ETS provides capabilities for all stages of the Firms software development lifecycle, enabling productive coding, functional and integration testing, application releases, and ongoing monitoring and support for over 3,000 production applications. ETS also delivers all workplace technologies (desktop, mobile, voice, video, productivity, intranet/internet) in integrated configurations that boost the personal productivity of our employees.

Application and end user services are delivered on a scalable, secure, and reliable infrastructure composed of seamlessly integrated data centre, network, compute, cloud, storage, and database services.

Position Overview:

As an IT Asset Management Risk and Control Analyst, you will play a crucial role in ensuring effective control and management of IT assets within our organization. You will be responsible for assessing, monitoring, and mitigating risks associated with IT asset management processes, and implementing controls to safeguard our valuable digital resources.

This role requires a combination of technical expertise, analytical skills, and strong attention to detail to maintain a comprehensive IT asset inventory, mitigate risks, and optimize asset utilization.

Key Responsibilities :
– Overseeing ITAM Standards and control requirements subject to related processes and procedures across the firm.

– Identifying gaps, deficiencies, or inconsistencies between ITAM control requirements and documented procedures.
– Coordination of regulatory requests and external audit engagements in relations to ITAM

– Tracking governance and ensuring processes comply to control requirements.

– Preparing, collation, and distribution meeting information packs, minutes, and report for various ITAM Risk Committees and forums.
– Coordination of regulatory requests of internal or external audit engagements in relations to ITAM.

Risk Assessment and Analysis:

– Identify and evaluate potential risks and vulnerabilities in the IT asset management process.

– Assesses risks and internal control dependency on ITAM processes by identifying areas of non-compliance and evaluating risks related to key technology control requirements.

– Conduct risk assessments to determine the impact and likelihood of asset-related risks.

– Provide recommendations for risk mitigation strategies and improvements.

Control Implementation:

– Collaboration in the development and implementation of control instances and procedures with Control owners in related to IT asset management.

– Ensure control compliance with industry standards, regulations, and best practices.
– Monitor and enforce adherence to established controls.

Asset Inventory Management:

– Continuous refinement/enhancement of controls that ensure the completeness and accuracy of the up-to-date inventory of all IT assets, including hardware, software, licenses, and documentation.
– Continuous refinement/enhancement of controls that track asset lifecycles, from procurement to disposal, and optimize asset utilization. Auditing and Compliance: Conduct regular verification of the accuracy of asset records and compliance with policies.
– Collaborate with internal and external audit teams to facilitate IT asset audits and address findings. Documentation and Reporting: Create and maintain documentation of asset management processes, controls, and procedures.

– Generate reports and provide insights on asset-related risks and compliance status to management. Continuous Improvement: Identify opportunities for process optimization and efficiency improvements.

– Recommend and implement enhancements to the IT asset management program.

Qualifications:
– Undergraduate Degree in Computer Science, Engineering, or related equivalent experience.
– A minimum of 7 years of progressive experience in ITAM audits, risk and compliance is required within global and complex financial institutions or medium to large-size organization.
– Knowledge of international regulatory frameworks and industry standards such as ISO, NIST, COBIT, and other security frameworks, influencing IT asset management in the financial sector.
– Experience working with auditors and the evidence collection process.
– Strong understanding of IT asset management best practices, standards, and regulations.
– Proven experience in heavily regulated environments, preferably in the financial industry
– Excellent analytical skills and ability to interpret data to drive informed decisions.
– Experience working with cross-functional teams and stakeholders, including technical and non-technical individuals.
– Strong leadership, collaboration, and communication skills, with the ability to influence and engage stakeholders at all levels.
– Proficiency in MS-Office productivity applications

– Experience with ServiceNow a plus

– Knowledge of cybersecurity principles related to asset management is a plus.
– Certifications- CITAM (preferred)- CSAM (nice to have)- CHAMP (nice to have)- CAMSE (nice to have)- CITAD (nice to have)