IT Risk Quality Assurance Manager
South State Bank - McKinney, TX
Job Description
As a leading bank, SouthState has been providing financial solutions to individuals, families, and businesses for more than 100 years. SouthState team members strive to create remarkable experiences while building meaningful and lasting relationships. We are proud to be a reflection of the communities we serve, and our team members share core values that make SouthState a great place to bank, and a great place to work.

SUMMARY/OBJECTIVES

Under the direction of the Director of IT Risk Management, the Quality Assurance Manager is responsible for supporting the development and execution of quality assurance processes to ensure the effectiveness of IT risk controls, cybersecurity measures, and regulatory compliance frameworks. This role will involve conducting independent testing and validation of IT risk management policies, standards and controls to ensure alignment with FFIEC, NIST, GLBA, SOX, PCI-DSS, and other industry regulations. By leveraging best practices, the Quality Assurance Manager will help streamline control testing, improve risk monitoring and foster a culture of continuous improvement in the IT Risk Management space.
This is a hybrid position based out of our McKinney, TX office.

ESSENTIAL FUNCTIONS

This position takes a proactive approach to risk management. Responsibilities include:

- Develop and implement a robust IT Risk Management quality assurance framework based on FFIEC guidelines, NIST and other regulatory requirements.
- Establish methodologies to assess and validate IT risk controls, cybersecurity measures and compliance with financial industry regulations.
- Design and conduct independent testing and validation of IT risk controls to ensure effectiveness and compliance.
- Identify gaps in IT risk controls and recommend remediation plans, ensuring timely resolution.
- Conduct root cause analysis for risk-related incidents and assess the adequacy of controls to prevent reoccurrence.
- Support regulatory audits and examinations by providing documentation, testing evidence and assurance reports.
- Perform root cause analysis on control failures and recommend corrective actions to management.
- Track and analyze IT risk indicators (KRIs), control effectiveness metrics and compliance gaps.
- Develop and generate risk assurance reports for IT leadership, risk committees and auditors.
- Maintain risk reporting to include tracking of audit/regulatory findings, outstanding compliance issues and requirements, risk assessment mitigations, etc. to ensure timely and comprehensive responses. As part of this reporting, a full set of Key Risk Indicators should be defined with resulting action plans.
- Work with business stakeholders and other subject matter experts to assess current documentation, understand high-level business processes and apply technical background/understanding in the development of policies, procedures, workflows, and other documentation.
- Accepts other duties as assigned.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

COMPETENCIES

- Strong interpersonal skills to work effectively with all levels of management
- Provision and proactive problem solving
- Data organization and analysis
- Task management and adaptability
- Strong communication/presentation, critical thinking, and influencing skills

Qualifications, Education, and Certification Requirements

Education: Bachelor's or higher degree required

Job Requirements:

- 5 years in a risk-related position
- At least 3 years in IT field (preferred)

Certifications/Specific Knowledge:

- Working knowledge of FFIEC, NIST, GLBA, SOX, PCI-DSS
- Skilled in Microsoft Excel and PowerPoint
- Project management experience strongly recommended

TRAINING REQUIREMENTS/CLASSES

- New employee orientation
- Required annual compliance training
- Ongoing risk training and cross-departmental training

PHYSICAL DEMANDS/WORK ENVIRONMENT

Must be able to stand and/or sit for long periods of time. Must be able to effectively access and interpret information on computer screens, documents, and reports.

WORK ENVIRONMENT

Telecommuting roles, whether hybrid or 100% full-time telecommuting, must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change as new systems and technology are delivered. Travel may be required to come to meetings as needed.
Created: 2025-02-27