IT Analyst

<p><strong>ERNI&nbsp;</strong>is a fast-growing Software Development company headquartered and founded in Switzerland in 1994, with more than 800 employees. We are highly specialized in IT &amp; software engineering to enable and deliver innovation in process and technology. Our first service center in Asia Pacific is in Metro Manila (Mandaluyong) from where we provide our service to Europe, APAC incl. our local market Philippines, and USA regions. We are now geared towards expansion and are looking for highly motivated joiners.</p><p></p><p><strong>WHY ERNI is the best place to call HOME? 🏡</strong><br></p><ul><li><p></p></li></ul><p>🤩&nbsp;<strong>At ERNI,</strong>&nbsp;this is how we can support you;&nbsp;<strong>ALL</strong>&nbsp;company<strong>&nbsp;PERKS AND BENEFITS&nbsp;</strong>take effect&nbsp;<strong>UPON HIRING!</strong></p><ul><li><p><strong>Contract</strong>: there is always a project and opportunity for you.</p></li><li><p><strong>Personal Development and Travel Opportunities outside the Philippines.</strong></p></li><li><p><strong>Baby Basket</strong>&nbsp;– to welcome your newborn to the ERNI family.</p></li><li><p><strong>Fruit Basket&nbsp;</strong>– boost of vitamins during hospitalization.</p></li><li><p><strong>Free snacks and coffee in the office</strong></p></li></ul><p></p><p>🔐&nbsp;<strong>UNLOCKING NEW DOORS OF</strong>&nbsp;<strong>GROWTH &amp; OPPORTUNITIES</strong></p><ul><li><p><strong>Free Training with Certifications</strong>: Grow with us through technical and non-technical training.</p></li></ul><ul><li><p><strong>Challenging Projects:</strong>&nbsp;ERNI is dedicated to developing high-quality software in complex technical environments such as MedTech, Industry, Finance, and Transportation. Have the chance to participate in various technically challenging projects amongst passionate and skilled colleagues.</p></li></ul><ul><li><p><strong>Employee Welfare:&nbsp;</strong>You will be guided by a group of people who will guide and support you to have the right tools and mindset.</p></li></ul><ul><li><p><strong>Promotions &amp; Recognition:&nbsp;</strong>From the very first day, we offer you a way to learn and develop yourself in our company. Your colleagues and superiors consistently recognize and appreciate all efforts, making you feel satisfied with your achievements.</p></li></ul><ul><li><p><strong>Communication:</strong>&nbsp;You will find transparency, honesty, and open communication in our working culture. we value suggestions, opinions, and feedback from all employees.</p></li></ul><p></p><p>⏱&nbsp;<strong>FLEXIBILITY</strong></p><ul><li><p><strong>Hybrid Set-Up:</strong>&nbsp;We are combining both remote work and in-person work. The hybrid setup will allow you to reduce commuting time and have a more flexible work schedule. This will help you to manage better your work-life balance.</p></li></ul><p></p><p>🎉<strong>&nbsp;EVENTS:</strong></p><ul><li><p>We provide many opportunities to connect and build relationships. We are learning, growing, and celebrating achievements together. You will experience a wide range of different exciting activities. What to expect? Leisure Events, Summer Events, Family Events, Social Events, and Year-End Events.</p></li></ul><p></p><p><strong>👋 What are our wishes?</strong></p><p><strong>Education and Work Experience</strong></p><p>• Bachelor’s degree, preferably in Business Administration/ Management, Accounting, Computer Science, Information Technology or Industrial Engineering.</p><p><strong>Technical Knowledge</strong></p><p>• Strong IT risk experience with minimum of 5 years work experience in IT risk, governance and controls</p><p>• Knowledgeable on frameworks such as Sarbanes-Oxley, COSO, COBIT, NIST, PMBOK, ISO 27001, SWIFT CSCF, Digital Operational Resilience Act (DORA)</p><p>• Good understanding of audit principles, standards and procedures</p><p>• Broad range of knowledge of information technology as applied in an enterprise environment</p><p>• Excellent oral, written communication skills in English; comfortable dealing with senior executives from a variety of culture.</p><p><strong>Soft Skills</strong></p><p>• Strong analytical skills</p><p>• Strong attention to details and methodical with work</p><p>• Able to liaise and work effectively with external and internal clients, stakeholders</p><p>• Able to work collaboratively with teams as a constructive team member.</p><p><strong>Tools/Software</strong></p><p>• Experienced in GRC, productivity tools such as Office 365 applications and reporting tools such as PowerBI.</p><p><strong>Reporting and Coordination</strong></p><p>• For the provision of staff augmentation services, the Agency Personnel will take instructions from the Manager at the Information Technology Department at work closely with the project team, internal and external stakeholders.</p><p>• The Agency Personnel will provide any other services as required by the team and ITD supervisor (IT Officer – Assurance) or user unit.</p><p>💼&nbsp;<strong>How can you contribute to the team?</strong></p><p>Scope of Work/Responsibilities</p><p> In close coordination with IT Assurance/ Risk and Controls Team, the Senior IT Risk Analyst will perform the following: </p><p>• Update and streamline ITD’s risk management framework and processes with a view to enhance operational maturity and alignment with organizational risk process</p><p> • Run IT operational risk assessments in collaboration with Subject Matter Experts from ITD and business units </p><p>• Engage Senior ADB personnel in risk assessment and risk mitigation plan discussions </p><p>• Prepare and/or review risk assessment reports for relevance and accuracy</p><p> • Conduct Security License to Operate (SLtO) reviews to confirm IT Risk and Compliance controls are in place before production deployment, including operational risk assessment of unresolved high-critical risks and provide recommended mitigations strategies to support informed go-live decisions. • Facilitate IT policy exception or deferment request process and monitor status of requests and related action plans </p><p>• Ensure IT risk and risk-related information in ITD’s GRC tool are timely, accurate and up to date</p><p> • Prepare IT risk reports and dashboards from risk data and communicate insights to ITD teams and relevant governance groups. </p><p>• Promote risk-aware culture by developing risk communications as may be needed </p><p>• Coordinate IT risk reporting requirements with the Office of Risk Management (ORM) such as quarterly key risk indicators, operational risk and incident losses, risk management report highlights, risk appetite definition, etc. </p><p>• Review of IT policy and process documents, in coordination with IT Controls and Compliance team</p><p>• Assist in planning, implementation, coordination of ISO 27001 risk assessment and related information security activities </p><p>• Perform other related tasks as required for the position.</p>