Operational Risk Review - Technology Auditor
About this role
At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions, enabling the communities we support to grow and succeed in the right ways, all more confidently and more often—that’s what we call the courage to thrive. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive. Try new things, learn new skills and discover what you excel at—all from Day One.
As a wholly owned subsidiary of U.S. Bank, Elavon is committed to building the platforms and ecosystems that help over 1.5 million customers around the world to achieve their financial goals—no matter what they need. From transaction processing to customer service, to driving innovation and launching new products, we’re building a range of tailored payment solutions powered by the latest technology. As part of our team, you can explore what motivates and energizes your career goals: partnering with our customers, our communities, and each other.
We actively uphold transparent and fair hiring practices that support individual opportunity, inclusive culture, and career mobility across all levels of our organisation.
We offer meaningful opportunities for growth, a culture of inclusion, and a strong commitment to transparency and integrity in everything we do.
Job Description
Operational Risk Review - Technology Auditor
The Operational Risk Review- Technology Auditor t is entrusted with administering and executing testing activities within the Independent Risk Review Assessment (IRRA), a centralized second-line independent testing function. This role involves close collaboration with business lines and professionals in Technology, Risk, Compliance, and Audit across the bank to evaluate processes and controls, thereby supporting an effective risk management framework.
Responsibilities
- Execute tests within projects and activities that confirm compliance with internal policies, applicable laws, and regulations in areas such as Technology, Information Security, Cyber Security, Resiliency, Data Protection & Privacy, Artificial Intelligence, and Machine Learning.
- Conduct comprehensive reviews covering, but not limited to: Software Development Life Cycle, Cloud Platform Security (Azure & AWS), Authentication and Access Control, Data Loss Prevention, Endpoint Security, Encryption Key and Certificate Management, Network Security, Logging and Monitoring, Security Incident Response, Vulnerability and Configuration Management.
- Identify weaknesses in controls and processes through end-to-end control testing, including planning, walkthroughs, design assessments, sample selection, and evidence review.
- Prepare high-quality documentation, including Risk & Control Matrices, in accordance with internal methodologies and regulatory requirements.
- Collaborate with business lines and Risk Management teams to recommend and influence solutions that mitigate operational risks when gaps are identified.
- Communicate testing results effectively to management, including drafting well-written reports and escalating significant risks as necessary.
- Basic Qualifications
- Bachelor's degree, or equivalent work experience
- Typically, more than five years of applicable experience
- Preferred Skills/Experience
- Basic or intermediate knowledge of technology, systems, data governance, cyber and / or information security risks as well as industry trends that impact Bank operations.
- Basic or intermediate Risk, Compliance, and Audit competencies.
- Solid understanding of the business line’s operations, products, services, systems, and associated risks.
- Solid business acumen and credibility to help business line(s) proactively identify and address risks.
- Average process facilitation, project management, and analytical skills.
- Average presentation, interpersonal, written, and verbal communication skills.
- Proficient computer navigation skills using a variety of software packages, including Microsoft Office
- applications and word processing, spreadsheets, databases, and presentations.
- Applicable professional certifications (e.g., CISA, GSNA, CISSP, CRISC, CIA) are preferred
- Working Hours:
- Based on Polish standard time (typically 9:00 AM – 5:00 PM or 10:00 AM – 6:00 PM), with flexibility to accommodate occasional meetings with U.S.-based colleagues.
- This role requires working from a U.S. Bank location three (3) or more days per week.