Business Controls Sr. Associate - Enterprise Information Technology​/Information Security

Make banking a Fifth Third better®

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

Conduct Process Risk and Control Self-Assessments (PRCSA) for high and moderate risk Information Technology/Information Security processes in the 1st line of defense. Assessments include process mapping, capturing risks and controls, control testing, and process evaluation. Candidates must be comfortable communicating with technical experts, mid-level management and senior leadership. Candidates must have working knowledge of enterprise IT and IS domains and concepts to be successful in the role.

• 6+ years of experience in relevant domain (IT/IS, Risk, IT Audit)
• Preferred to have at least one of the following certifications: CISA, CRISC, CISSP, or CISM. All candidates are expected to obtain at least one of these certifications within two years of employment.

As first line of defense, conducts analysis related to identifying, assessing, mitigating, and managing risks necessary to comply with new or changing laws, regulations, regulatory guidance, and best practices deemed necessary by key stakeholders (such as Legal, Compliance, Enterprise Risk and Audit partners). Supports Business Controls in advancing risk management, structure, processes, and tools in support of the organization’s Enterprise Risk Management (ERM) framework.

Transforms data into business intelligence by developing and presenting information and insights to stakeholders. Monitors and manages risks to ensure compliance and validation of program effectiveness with assigned line of business or functional area, and Bancorp initiatives. Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience.

While operating within the Bank’s and LOB’s risk appetites, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

• Assists business controls leadership with the development of complex strategies and the implementation of controls, policies, and procedures to increase effectiveness and efficiency related to the respective business or functional area.
• Provides relevant expertise and analysis to stakeholders related to the identification, assessment, control, monitoring, testing and reporting of risks.
• Investigates and assists in root cause analysis in instances of actual or potential operational loss.
• Gathers and integrates information.
• Identifies the need for and collects information to better understand issues, problems, and opportunities; integrates information from a variety of sources; and detects trends, associations, and cause-effect relationships.
• Leverages expertise and stays informed of industry best practices and regulations to ensure compliance with all applicable laws, standards, and requirements, including, but not limited to, OCC Heightened Standards.
• Supports the resolution of internal audit, compliance, or risk management related issues that could impact the classification, availability, or integrity of data or processes.
• Highlights control breakdowns, inadequate processes, and unexpected events. Implements corrective actions in partnership with Business Controls leadership to address process and control deficiencies.
• Builds effective relationships with other internal business control groups and the second and third lines of defense (such as Legal, Compliance, Enterprise Risk, and Audit).
• Collaborates with groups responsible for ensuring adequate information barriers are established, and the Bank’s compliance with policies and processes are in place in order to control the flow of certain information.
• Serves as an analytical and procedural expert to peers on cross-functional processes or project deliverables.
• Assists with execution of regulatory change management program to…