VyStar Credit Union

Senior Business Risk Control Analyst

VyStar Credit Union · Jacksonville, Florida, United States

Banking · 1,001-5,000 employees

23 h ago
Remote Senior (5-10 yrs) Full-time United States
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Provides independent assurance and governance over the design and effectiveness of internal controls across the credit union. Leads risk-based control testing and supports ERM governance activities to ensure alignment with regulatory expectations.

What they look for

Enterprise Risk Management Control Testing Risk Governance Second Line of Defense RCSA Issue Management Data Analysis Regulatory Compliance Internal Audit Stakeholder Management Conflict Resolution Technical Writing

Requirements

Requires a bachelor's degree and over 4 years of experience in ERM, internal audit, or compliance within financial services. Must have demonstrated experience in second-line defense roles and proficiency in data analysis tools like Excel.

Benefits

401(k) Plan Paid Technical Training On-the-job Training Tuition Reimbursement

Full description

At VyStar, we offer competitive pay, an excellent benefit package that includes a 401(k) Plan, an extensive paid technical and on-the-job training program, and tuition reimbursement--available to all full and part time employees. Part time positions start at a minimum of 30 hours per week.

We encourage you to become a part of VyStar Credit Union's family of employees.

Senior Business Risk Control Analyst

ACCOUNTABILITY STATEMENT

The Senior Business Risk Control Analyst is an experienced contributor within the Enterprise Risk Management (ERM) function, operating as part of the Second Line of Defense (2LoD). This role provides independent assurance and governance support over the design and operating effectiveness of internal controls across the credit union and contributes to the ongoing maturity of enterprise risk governance practices.

In addition to executing risk-based control testing, this role supports ERM governance activities, methodologies, standards, and reporting, ensuring consistency with the organization’s ERM framework, risk appetite, and regulatory expectations. The role does not own or execute controls and maintains independence from first line operational activities.

Testing and oversight span all major risk categories, including Credit, Interest Rate Risk (IRR), Liquidity, Operational/Transaction, Compliance, and Strategic Risk, as well as controls supporting technology enabled processes, including IT, cybersecurity, cloud, digital, or system-based operations, where applicable.

ESSENTIAL RESPONSIBILITIES

Second Line of Defense

  • Serve as a senior Second Line of Defense (2LoD) subject matter resource for control testing, assurance practices, and risk governance.
  • Exercise independent challenge and credible oversight of first‑line risk identification, control design, and remediation effectiveness.
  • Function as a trusted partner to ERM leadership in risk governance activities, including committee reporting, escalation practices, and issue management oversight.
  • Lead the development and maintenance of testing standards, methodologies, and quality expectations.
  • Reinforce strong risk ownership and accountability, maintaining clear separation from control ownership while reinforcing accountability and effective risk ownership across the organization.

Control Testing & Assurance

  • Lead & oversee end-to-end, risk‑based control testing engagements, including planning, walkthroughs, scoping, sample selection, evidence evaluation, and documentation.
  • Direct assessments of control design adequacy and operating effectiveness, including manual, automated, and IT‑dependent controls.
  • Apply and guide the use of quantitative and statistical sampling techniques to support objective, defensible conclusions.
  • Interpret and synthesize testing outcomes to identify control weaknesses, root causes, trends, and systemic issues, including recurring themes.
  • Own independent validation of remediation efforts through follow‑up testing and evidence‑based confirmation.

Governance, Methodology & Reporting

  • Drive execution of the development and execution of the annual ERM risk‑based control testing plan.
  • Own and continuously enhance testing methodologies, standards, templates, and documentation guidance.
  • Lead preparation materials and analysis for risk governance committees, management, regulators, and internal audit.
  • Influence risk ratings, issue severity, and escalation considerations.
  • Champion consistent application of ERM practices across control testing, issue management, and reporting.

Advisory & Collaboration

  • Function as a senior independent advisor by providing objective insights into control effectiveness and residual risk exposure.
  • Provide credible challenge and guidance to business leaders, Compliance, Information Security, Finance, and Internal Audit to identify opportunities to enhance control design, automation, and monitoring, while preserving 2LoD independence.
  • Lead coordination across assurance functions to reduce duplication and strengthen enterprise risk oversight. Perform other duties as assigned.
  • Mentor and influence peers and stakeholders, elevating risk and control maturity through thought leadership and constructive challenge.
  • All employees and business units, as first line of defense, are expected to proactively help identify, assess, manage, and report risks within their domain of work. To enhance a healthy risk culture and support our growth for good pillar, employees will maintain vigilance in safeguarding our operations while ensuring compliance with regulatory mandates. The Risk team serves as the second line of defense by providing risk oversight and credible challenge whereas the Audit team serves as the third line of defense by providing risk assurance. Perform other duties as assigned.

Incumbent is expected to demonstrate each of the following VyStar Excellence behaviors in performing the duties and responsibilities of their job:

  • Focus - Focus your full attention by carefully listening to and observing client or member.
  • Connect - Consistently be friendly and approachable. Demonstrate your care.
  • Understand - Listen empathetically and ask questions (70%/30% rule).
  • Counsel - Recommend solutions based on your member’s needs and objectives.
  • Advance - Ensure that member’s expectations were exceeded.
  • Verify necessary follow-up actions.

JOB QUALIFICATIONS

Education

  • Bachelor’s degree required; advanced degree preferred
  • Equivalent combination of education and experience will be considered

EXPERIENCE

  • 4+ years of experience in enterprise risk management, second‑line control assurance, internal audit, or compliance testing within financial services.
  • Demonstrated experience operating in a Second Line of Defense role, including governance and oversight responsibilities.
  • Strong experience conducting control testing, RCSAs, issue management, and remediation validation.
  • Experience with controls supporting technology‑enabled processes, with exposure to one or more of the following:
  • Information Technology
  • Cybersecurity
  • Cloud or third‑party technology environments
  • Digital platforms or system‑enabled business processes
  • Strong understanding of ERM frameworks, risk and control methodologies (e.g., COSO, Three Lines of Defense), and governance practices.
  • Working knowledge of financial services regulatory expectations.
  • Advanced analytical skills with the ability to synthesize results into enterprise‑level risk insights.
  • Advanced proficiency in Excel and data analysis tools.
  • Excellent written and verbal communication skills, including experience supporting management or governance‑level reporting.
  • Professional certifications (e.g., CRISC, CISA, CIA, CISSP) are a plus.

Knowledge, Skills, and Abilities

  • Demonstrated experience in conflict resolution management and ability to effectively challenge at all levels of management and influence business outcomes.
  • Ability to effectively work with both internal and external partners in a highly collaborative environment.
  • Ability to communicate complex concepts and findings in a clear and concise manner.
  • Ability to assist with multiple projects, work in fast-paced environment and meet deadlines Maintains professional composure, objectivity and fairness when dealing with conflict or sensitive matters.
  • Ability to travel as needed to successfully perform position responsibilities.
  • Excellent ability to rely on experience and judgment to plan and accomplish various goals and objectives and to produce high quality materials within tight time limits.

Disclaimers and Work Environment

Nothing in this position description is an implied contract for employment. The position description is intended to be an accurate account of the essential functions. The functions are not all encompassing and are subject to change at any time by management.

The work environment characteristics described are representative of those that an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

VyStar Credit Union is not seeking outside assistance or accepting unsolicited resumes from staffing agencies or search firms for employment or contractor opportunities. Any resumes submitted by an outside vendor to any employee at VyStar via e-mail, internet, or directly to hiring managers without a valid written search agreement with the Talent Acquisition / HR department will be deemed the sole property of VyStar Credit Union.

No placement fee will be paid if a candidate is hired as a result of the referral, or through other means.

Thank you for your inquiry regarding our current job opening. Your resume will be carefully reviewed against the position requirements. Should your experience and skills match, you will be contacted by one of our Human Resources department staff members.

Thank you again for your interest in this position!

VyStar Credit Union Human Resources