IT Security Controls and Regulatory Compliance Specialist in Braintree, MA at Voya

Date Posted: 1/3/2020

Job Description

As part of the application process, a candidate account is required to log in and view application(s).  Please be sure to check email regularly for information regarding our employment process.

Position Summary:

The IT Security Controls and Regulatory Compliance Specialist (First Line of Defense) owns and is accountable for directly assessing, controlling and mitigating risks to enhance the likelihood that the organization’s objectives are achieved. These individuals exhibit a deep understanding of the organization, including applicable systems, tools, policies and procedures, and are adept at identifying procedural gaps and deficiencies. This covers internal control processes designed to identify and assess significant risks, execute activities as intended, highlight inadequate processes, address control breakdowns, and communicate the activity to key stakeholders. This role is responsible for executing Risk and Control Self Assessments and Compliance Risk Assessments, as well as reviewing the adequacy of the risk control design.

Position Description:

Executing processes designed to support first line of defense activities in the Voya environment, including:

  • Assist with determining scope of assessments and complete review according to planned timelines
  • Evaluate the effectiveness of controls in place to mitigate identified risk; review evidence and document testing results in a comprehensive and organized manner; develop recommendations to correct control deficiencies and provide ideas for process improvements
  • Assist in ensuring issues identified during testing and monitoring reviews are followed-up on and corrective action plans are properly executed to comply with organizational policy and/or applicable regulatory requirements
  • Coordinating SOC2 activities and appropriate communications with various parties & organizations
  • Coordinating ISO certification activities and appropriate communications with various parties & organizations
  • Organizing NY DFS (and other regulatory) compliance requirements annually
  • For issues identified where controls can be enhanced to ensure compliance with organizational or regulatory requirements, assist in the review of management action plans to ensure root cause of control deficiencies are resolved
  • Assist in performing root cause analysis of security-related incidents and in the tracking of measures agreed to remediate the processes and control gaps that led to the incidents
  • Participate in risk- and control-related special projects
  • Maintain a strong working knowledge of federal and/or state compliance regulatory requirements applicable to the assigned areas of the review
  • Other duties as assigned

Knowledge & Experience:

  • Bachelor’s degree preferably in Accounting, Finance, Business Administration, Computer Science, MIS or related field; or equivalent work experience
  • 3-5 years of related work experience in risk assessment, audit or compliance role
  • 3+ years of experience generating or evaluating SOC1 and SOC2 documentation
  • Prior experience with NAIC-issued regulatory recommendations
  • Prior ISO certification experience
  • Working knowledge of risks and effective control design and solutions
  • Demonstrated written and oral communication skills and ability to communicate with all levels of management
  • Ability to build strong relationships and work cross functionally with internal and external constituents
  • Strong analytical skills with the ability to identify, research and weigh risk and control issues
  • Ability to work cooperatively and effectively with supporting team members to meet departmental goals
  • Strong time management, organization and prioritization skills; ability to complete multiple concurrent tasks within close deadlines with a high degree of accuracy and detail
  • Self-motivated along with the ability to bring projects and reporting to conclusion
  • Strong Microsoft Office knowledge; preferably advanced Microsoft PowerPoint and Excel skills and familiarity with SharePoint


Critical Skills
At Voya, we have identified the following critical skills which are key to success in our culture: 

  • Customer Focused: Passionate drive to delight our customers and offer unique solutions that deliver on their expectations.
  • Critical Thinking: Thoughtful process of analyzing data and problem solving to reach a well-reasoned solution.
  • Team Mentality: Partnering effectively to drive our culture and execute on our common goals. 
  • Business Acumen: Appreciation and understanding of the financial services industry in order to make sound business decisions. 
  • Learning Agility: Openness to new ways of thinking and acquiring new skills to retain a competitive advantage.
