Internal Controls And Risk Analyst

Overview

• The Internal Controls and Risk Analyst will support internal audit, controls design, and risk management initiatives, focusing on documenting and improving business processes and control environments.
• Develop and maintain audit-ready controls documentation, including process narratives, flowcharts, Risk and Control Matrices (RACMs), and issue logs.
• Collaborate with business leaders to identify risks, document key controls, and translate complex processes into structured documentation.
• Assist in risk oversight activities, including control assessments, design evaluations, and monitoring action plans.
• Support Risk and Control Self-Assessments (RCSAs), issue tracking, and remediation activities to strengthen control environments.
• Provide expertise in Sarbanes-Oxley (SOX) compliance and Internal Control over Financial Reporting.
• Contribute to internal audit activities using a risk-based methodology, including planning, testing, and reporting.
• Work in a hybrid environment with a focus on collaboration and continuous improvement.

Key Responsibilities & Duties

• Document business processes, risks, and controls across compliance, financial, and operational risk areas.
• Draft, update, and maintain process narratives, procedures, flowcharts, and RACMs to ensure audit readiness.
• Collaborate with process owners to gather information and create structured controls documentation.
• Review existing documentation to identify gaps, inconsistencies, and opportunities for improvement.
• Support enterprise risk oversight activities, including control assessments and monitoring action plans.
• Assist in developing management action plans and documenting remediation steps for control gaps.
• Develop and maintain key risk indicators (KRIs), KPIs, risk registers, and issue logs.
• Contribute to internal audit activities, including planning, testing, and follow-up.

Job Requirements

• Bachelor of Science (BS) degree in a relevant field.
• 5-7+ years of experience in internal controls, audit, SOX, or risk management.
• Proficiency in writing and maintaining controls documentation, including RACMs and process narratives.
• Strong understanding of internal control principles, design, and evidence requirements.
• Experience conducting Risk and Control Self-Assessments (RCSAs) and control reviews.
• Expertise in Sarbanes-Oxley (SOX) compliance and financial reporting controls.
• Ability to work cross-functionally and communicate complex concepts effectively.
• Project management experience supporting complex initiatives is a plus.