IGT Business Analyst I in Austin, Texas

OVERALL OBJECTIVE AND PURPOSE

Provides intermediate level of support to domestic sites before, during, and after audits are performed. Ensures all Best Practices are up to date and practiced. Facilitates MIRM’s for high severity incidents. Provides training and informal coaching to jurisdictional staff and other team members.

PRINCIPLE DUTIES AND RESPONSIBILITIES

  • Demonstrates a relentless commitment to meeting and exceeding customers’ expectations while also achieving the goal of removing risks

  • Works to build an effective, trustworthy partnership with each jurisdiction on a daily basis. Listens to customers and asks the appropriate questions to determine their needs and provides proper feedback to ensure audit compliance

  • Evaluate new and existing technology solutions against defined and/or implemented Best Practices and audit and ISMS requirements, standards and practices

  • Identify, develop, update and distribute new Best Practices for North America Operations in conjunction with the Practice Manager

  • Annually review the existing Best Practices for North America Operations and perform annual revisions

  • Anticipates, detects, reports on, and escalates any potential audit findings at a site

  • Performs analysis cross-jurisdictionally (all sites) on audit findings

  • Track audit finding efforts and assist with remediation concepts by using already proven solutions through completion

  • Coordinates and advises resources to remediate any potential findings prior to or post an audit engagement

  • Assists jurisdictions with Control Environment description, Control Objectives and Controls creation and modification as well as related evidence and its confidentially

  • Update Findings Tracker database with external audit related vendors, dates, and findings

  • Produce weekly, monthly and annual reporting for Management

  • Assists jurisdictions with Management Responses to audit findings where needed

  • Assists jurisdictions with understanding the ISMS policies and standards and all audit related requirements

  • Supports Leadership for all ISO related activities

  • Researches Crystal Reports to identify incidents requiring MIRM (Major Incident Review Meetings),

  • Meets with Problem Manager to review Major Incidents to determine which require meetings

  • Obtains approval for and distributes MIRM meeting minutes

  • Manages high level High Jackpot Readiness activities

  • Keep departmental process documentation current and published accordingly

  • Assists with training of site staff on how to manage an audit up to and including advisement on documentation distribution

  • Meets and interacts with Information Security and Internal Audit on a regular basis; in some cases, daily

  • Works at times with minimal Supervision

  • Participates in individual professional development by completing assigned development plan, participating in mentoring activities, tracking and reporting of development, and communicating career path goals and objectives.

  • Request feedback annually to find out how processes could be improved

SCOPE

† Complexity: Functions Responsible for or Influenced

Medium to High –Intermediate responsibility for ensuring no audit findings or exceptions for multiple jurisdictions

† Diversity: Locations Responsible for or Influenced

Medium – Intermediate responsibility for supporting multiple jurisdictions

† Typical Job Problems and Difficulties:

Provides resolutions to a diverse range of complex problems. Uses judgment within defined policies and practices. Lack of technical resources to support remediation/risk treatment efforts.

† Financial Accountability:

Medium to High – Mistakes could lead to costly penalties, downtime, and customer perception etc… and works with others who mistakes could lead to costly penalties and downtime

† Freedom to Act:

Generally, works under limited supervision or direction. Determines and develops approaches to solutions based on Best Practices, ISMS policies and standards, and industry standards

MANAGEMENT

† Job Reports to (direct)

Sr. Audit Manager

† Job Reports to (indirect)

Director of Governance Services

† Direct Reports to Job

Matrix managed resources assigned to Governance Practice Services (GPS)

† Authority for Staff Managed

Responsible for day to day activities and performance related to departmental deliverables, with assistance from Jurisdictional Manager

† Indirect Reports (influenced)

Jurisdictional Operational Managers and other support teams

† Level of Complexity for managing/organizing staff

Medium to High – Must be able to plan, organize, implement, and coordinate remote jurisdictional and support personnel activities as well as project like work

GENERAL

† Extent decisions governed by procedures or referred up

High – Majority of actions are dictated by policy / procedure or must be escalated to management for resolution

† Standard requirements for research and analysis

Frequent – 1st and 2nd tier troubleshooting of problems or findings, initial diagnosis, determine course and/or support personnel for resolution, and reporting according to established procedures with minimal supervision

† Opportunity and consequence of typical errors (supervision)

Moderate / High – Issues must be escalated as required by GPS and ISMS policies and standards

† Frequency and complexity of internal business contacts

Very frequent with moderate to high complexity varying based on technology and business needs

† Frequency and complexity of external business contacts

Minimal with moderate impact – Will occassionally work with external audit firms

† Physical (% time: travel, operating machinery, environmental etc.)

Minimal physical requirements with minimal travel – Work in a controlled environment and may be asked to travel (20%) occasionally for audit / audit support purposes

EDUCATION

† Minimum education

Two year technical college degree or comparable experience

† Years Experience

One – Four years

† Minimum knowledge and skills requirements:

  • Working knowledge of production operational environments and software batch release process

  • Working knowledge of basic auditing standards and practices

  • Comprehensive knowledge of Office suite, PC operating systems, SharePoint and configurations

  • Effective technical writing skills

  • Strong verbal and written communication skills

  • Listens effectively, summarizes, and asks clarifying questions

  • Self motivated, demonstrates initiative

  • Demonstrates a strong sense of urgency and makes sound business judgments

  • Able to effectively delegate

  • Able to balance priorities amongst all stakeholders

  • Strong trouble-shooting

  • Able to identify opportunities to implement new or modified approaches to resolve problems and maximize opportunities

Audit Types and Practices:

  • Strong working knowledge of SSAE 18 1,2, and 3 audits

  • Strong working knowledge of MUSL/MUSL Rule 2

  • Strong working knowledge of ISO 9001, 14001, 20000 standards

  • Familiarity with Security Audits, WLA Standards, PCI Security Standards, Sarbanes-Oxley

Best Practices:

  • Working knowledge of IGT and industry Best Practices and associated tools related to Incident and Change Management

  • Advanced knowledge of IGT ISMS policies and procedures.

  • Working knowledge of IGT physical security and environmental systems and procedures

Network Related:

  • Working knowledge of IP Protocol, LAN/WAN topology (frame, DSL, Cellular, X.42, X.25, ATM, Satellite, Radio, PTP, Dial-up), associated monitoring and troubleshooting tools (HPOV, HNS vision, Spectrum analyzers, solarwinds, whatsupgold)

  • Working knowledge of Data Center network equipment (firewalls, switches, gateways, routers, etc)

Systems and Servers:

  • Working knowledge of IGT proprietary solutions for operations

  • Working knowledge of IGT automation suite and processes

  • Working knowledge of logical system/server access

  • Working knowledge of IBM middleware applications

† External Training

  • ISO Foundations

  • ITIL Foundations

† Other skills

  • Strong customer service and relationship building skills

  • Basic to intermediate level coaching and mentoring skills

  • Ability to deliver training in area of expertise

  • Ability to inspire and motivate others

  • Ability to influence others without authority

  • Ability to effectively implement and manage processes

  • Ability to solicit and evaluate feedback related to modifications in process and procedure

  • Basic understanding of employee relations / legal requirements

  • Ability to present information in a professional and engaging manner

  • Ability to set high goals for self and others

  • Knowledge of techniques needed and experience in dealing with difficult or demanding customers