Logo of Huzzle

Senior IT Risk Analyst - IT General Controls

  • Job
    Full-time
    Mid & Senior Level
  • IT & Cybersecurity
    Business, Operations & Strategy
  • Madrid

AI generated summary

  • You need a relevant degree, 3-5 years in IT Risk/Audit, knowledge of ITGC and compliance frameworks, GRC tools experience, strong analytical skills, and preferred IT certifications.
  • You will develop ITGC frameworks, ensure compliance, assess control effectiveness, coordinate audits, track remediation, liaise across teams, report risks, and provide training on ITGC processes.

Requirements

  • Bachelor’s degree in Information Technology, Computer Science, Risk Management, Business Administration or a related field.
  • 3-5 years of experience in IT Risk management, IT audit, or IT controls. Experience within the Insurance Industry will be a plus.
  • Strong understanding of ITGC domains: access controls, change management, data integrity, and IT operations.
  • Knowledge of regulatory and compliance frameworks (e.g., SOX, GDPR, PCI-DSS, NIST).
  • Experience with GRC (Governance, Risk, and Compliance) tools and frameworks.
  • Excellent analytical and problem-solving skills with the ability to manage complex data and processes.
  • Effective communication and stakeholder management skills, with the ability to influence and educate diverse audiences.
  • Certifications (Preferred): i) Certified Information Systems Auditor (CISA), ii) Certified Risk and Information Systems Control (CRISC), iii) Certified in Governance of Enterprise IT (CGEIT), iv) Certified Information Systems Security Professional (CISSP)
  • Analytical thinking and problem-solving, with the ability to identify issues or risks that require escalation.
  • Demonstrated ability to work independently with minimal supervision.
  • Attention to detail and ability to manage multiple priorities.
  • Strategic mindset with a focus on continuous improvement.
  • Proactive and self-motivated, with a keen sense of ownership and accountability.
  • Adaptable in a fast-paced, evolving regulatory landscape.

Responsibilities

  • Develop and document a comprehensive ITGC framework tailored to the organization’s technological landscape.
  • Ensure alignment of ITGCs with regulatory requirements, industry standards (e.g., SOX, ISO 27001, COBIT), and internal policies.
  • Evaluate the design effectiveness and identify and communicate gaps or weaknesses in existing ITGCs, recommending practical solutions for remediation.
  • Design and execute testing plans to evaluate the operational effectiveness of ITGCs, ensuring compliance and audit readiness.
  • Coordinate with internal and external auditors to facilitate ITGC assessments and audits.
  • Track and validate remediation efforts for identified control deficiencies, ensuring timely resolution.
  • Act as a liaison between technology, compliance, and risk management teams to promote a shared understanding of IT risks.
  • Develop and deliver reports, dashboards, and presentations to senior management, highlighting key risks and control performance metrics.
  • Provide training and guidance to teams on ITGC processes, ensuring consistent implementation and awareness.

FAQs

What is the role of a Senior IT Risk Analyst at Cigna?

The Senior IT Risk Analyst is responsible for leading the development, articulation, and testing of IT General Controls (ITGCs) to ensure the integrity, reliability, and security of the IT environment, while acting as a trusted advisor to key stakeholders.

What qualifications are required for this position?

Candidates should have a Bachelor's degree in Information Technology, Computer Science, Risk Management, Business Administration, or a related field, along with 3-5 years of experience in IT Risk management, IT audit, or IT controls.

Are there any preferred certifications for this role?

Yes, preferred certifications include Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC), Certified in Governance of Enterprise IT (CGEIT), and Certified Information Systems Security Professional (CISSP).

What are the key responsibilities of this position?

Key responsibilities include developing and documenting a comprehensive ITGC framework, designing and executing testing plans for ITGCs, coordinating with auditors, and providing training and guidance to teams on ITGC processes.

Is experience in the insurance industry a plus for this role?

Yes, experience within the insurance industry is considered a plus.

What are the key competencies required for the Senior IT Risk Analyst role?

Key competencies include analytical thinking and problem-solving skills, attention to detail, strategic mindset, the ability to work independently, adaptability, and a proactive approach.

What type of work environment does Cigna promote?

Cigna promotes a multicultural working environment with a hybrid working model, emphasizing teamwork, collaboration, and personal growth.

What kind of benefits does Cigna offer to employees?

Cigna offers a permanent contract, great social benefits, private medical insurance, and an educational development program.

How does Cigna prioritize its employees?

Cigna prioritizes its employees by fostering growth, offering meaningful work, and creating an inclusive culture where contributions are valued.

Can I apply for this position if I require reasonable accommodation during the application process?

Yes, you can request reasonable accommodation by emailing SeeYourselfEMEA@cigna.com for support during the online application process.

Science & Healthcare
Industry
10,001+
Employees

Mission & Purpose

The Cigna Group is a global health company committed to creating a better future built on the vitality of every individual and every community. We relentlessly challenge ourselves to partner and innovate solutions for better health. The Cigna Group includes products and services marketed under Cigna Healthcare, Evernorth Health Services or its subsidiaries. The Cigna Group maintains sales capabilities in more than 30 countries and jurisdictions, and has more than 190 million customer relationships around the world.