About the Role
In this role you will be responsible for leading cyber security, cloud, operational, and compliance reviews of Kohls Technology operations, processes, and initiatives. The Senior IT Enterprise Risk Analyst will also perform risk advisement and remediation follow-up across the Kohls Technology organization.
What Youll Do
-
Assess cyber security, cloud, operational, and compliance risk in Kohls technology and develop detailed audit procedures to develop risk-based audit programs
-
Obtain and analyze information for evidence of cyber security violations, deficiencies in internal controls, or lack of compliance with laws, government regulations, and Kohl's policies and procedures
-
Challenge existing processes including suggesting more efficient or alternative methods to achieve objectives
-
Prepare work papers to clearly support the audit conclusion in accordance with internal auditing standards
-
Communicate the results of audit/projects to senior leaders and collaborate with senior leaders to develop action plans addressing identified risk/process gaps
-
Follow-up with Technology leadership to ensure agreed-upon recommendations have been implemented
-
Lead PCI assessment activities, in partnership with Information Security team
-
Manage PCI Assessor to review completion
-
Assess Sarbanes-Oxley ITGC controls design
-
Execute Sarbanes-Oxley process walkthroughs, testing and follow-up
-
Support the continuous improvement of technology compliance activities
-
Execute banking partner security reviews and follow-up
-
Lead communication with banking partner on follow-up status and remediation
-
Manage and prioritize multiple assignments including all audits and project involvement
-
Inform stakeholders of project status and execute to planned project timelines
-
Provide timely results of audit and communicate recommended solutions
-
Pursue opportunities to improve team communication, organizational, technical, and analytical skills
-
Support the development of project staff/interns
-
Develop strong cross-functional relationships across multiple levels within organization
-
Support risk advisory activities across the technology and business organization
-
Additional task may be assigned as necessary
What Skills You Have
Required
-
Bachelor's Degree in MIS or similar related field
-
Minimum of 2+ years of experience in IT audit, cyber security, IT consulting or similar roles
-
Ability to comprehend and analyze technology systems and environments
-
Experience communicating with various levels of management
Preferred
-
Certifications such as CISA, CISSP, CIA desired
-
Word processing and spreadsheet software, Google apps collaboration tools, and data analysis tools
-
Cloud platforms including GCP
-
Technical server, database, messaging, integration, and CICD platforms