Risk Analyst, Enterprise Controls

Company Summary:

With Alviere organizations can offer financial products to drive customer engagement generate new revenue streams and improve existing financial flows. The Alviere HIVE platform offers an extensive range of configurable branded financial products including accounts & wallets card issuance streamlined payments and global money transfers. Alviere brings together technology and program support with the trust of a licensed financial institution to assure the safety flexibility and long-term viability of client programs.

Job Summary:

Alviere is looking for a Risk Analyst Enterprise Controls to own the operational backbone of our enterprise risk control environment. This individual contributor role reporting directly to the CRCO is responsible for maintaining Alvieres enterprise risk control framework running the monthly and quarterly internal control testing program and coordinating all external reviews of the control environment including our annual SOC 1 SOC 2 and PCI audits. The right candidate is equally comfortable designing a testing methodology managing a complex evidence campaign in Jira and presenting residual risk findings to the Risk & Compliance Committee. This is a high-ownership role with direct visibility to senior leadership and meaningful impact on how Alviere manages its regulatory and operational risk posture.

Responsibilities include but are not limited to:

• Own and maintain Alvieres Enterprise Risk Control Framework mapping identified risks across AML/CFT cybersecurity TPRM consumer protection fraud and data privacy to applied controls and residual risk ratings; maintain the Risk Appetite Statement; and prepare KRI summaries and risk reports for the quarterly Risk & Compliance Committee and Board.
• Design and execute the internal control testing calendar running scheduled monthly and quarterly tests (OFAC access management transaction monitoring and other key controls) documenting results opening corrective actions on exceptions and tracking remediation to closure.
• Own the annual SOC 2 audit program end-to-end standing up the AUDIT Jira project each cycle routing 40 individual evidence requests to Engineering IT/Security HR Finance and Operations managing each ticket through all workflow stages and interfacing directly with external auditors on review comments and re-evidence requests.
• Run the annual system access review program across 30 in-scope platforms coordinating with system owners to pull 100% population access lists documenting review outcomes ensuring required removals are executed and evidenced and tying results into SOC 2 and PCI audit evidence.
• Manage Alvieres external auditor relationship conducting the annual assessor qualification and independence review; serve as the primary internal operational point of contact for reviews and examinations including transaction population pulls and examination documentation.
• Track enterprise control findings and corrective action plans in Jira (CDCAP project) ensuring open items have documented owners deadlines and remediation progress for reporting to the CRCO and committee.

A successful Risk Analyst Enterprise Controls will have the following:

• 36 years of experience in internal audit IS audit compliance testing or risk control functions at a financial institution fintech payment company or professional services firm serving such clients.
• Demonstrated experience contributing to or coordinating a SOC 2 audit evidence cycle familiarity with Trust Services Criteria control categories ability to read Type II reports critically and comfort managing auditor interactions independently.
• Practical understanding of control testing methodology: how to design a test document results assess the significance of a control exception and communicate findings to non-technical leadership.
• Strong operational discipline experience managing Jira workflows owning complex multi-stakeholder evidence campaigns and meeting hard external deadlines without close supervision.
• Clear analytical written communication skills capable of producing board-quality risk summaries committee materials and control testing documentation.
• Preferred: CISA CISSP CRCM or CIA certification; experience with PCI DSS compliance coordination; familiarity with state money transmitter regulatory examination processes.

We pride ourselves on developing and promoting talent as an Equal Employment Opportunity Employer - Veteran/Disability. All qualified applicants will receive consideration for employment without regard to race national origin gender age religion disability veteran status or any other category protected by law. We are a true merit-based organization and work hard so there are no artificial barriers to ones potential success. Alviere is committed to a workforce where everyones opportunities are limitless.

Consistent with this commitment Alviere will endeavor to provide reasonable accommodation to otherwise qualified job applicants and employees with known physical or mental disabilities. Please contact for any assistance.

Required Experience:

IC