Auto-apply to these risk management jobs

INTERNAL POSTING ANNOUNCEMENT FOR COMMONWEALTH OF MASSACHUETTES EMPLOYEES OFFICE of the COMPTROLLER Statewide Risk Management and Compliance Team (SRMCT) Risk and Security Analyst- EDP III FY26-004 About the Office of the Comptroller The Office of the Comptroller ensures that the more than $50 billion in annual transactions authorized by the general appropriations act and supplemental appropriations are executed in accordance with all statutory requirements and recorded in compliance with accounting standards. We also oversee capital assets, federal funding inflows, and other transactions. We also own and maintain statewide payments and payroll systems, safeguarding critical financial information. We operate in support of our partners, the financial staff at more than 150 departments and agencies across the Commonwealth. As stewards of the public trust, CTR aspires to inspire confidence by maintaining our core principles: clarity, integrity, and accountability. The powers and obligations of the Office of the Comptroller are generally dictated by M.G.L. c. 7A. Position Summary The Office of the Comptroller is seeking a Risk and Security Analyst position assigned to the Statewide Risk Management and Compliance Team (SRMT). The position reports to the Assistant Comptroller for Risk and Compliance. This position is responsible for enterprise system access management and a variety of departmental reviews to determine compliance by over 150 Commonwealth departments with internal controls, state finance law, and Comptroller regulations and policies. Additionally, this position will apply technical knowledge and skills to assess and mitigate risks related to CTR systems The ability to mine data from the Commonwealth's Enterprise systems, to analyze, report on and draw conclusions from that data are key skills of the job. Strong analytical, communication and presentation skills, along with experience writing reports and recommendations are critical skills for the successful candidate. This position requires a self-starter with capabilities and attributes which include the following: attention to detail; superior time management and solid multitasking skills; ability to contribute and work productively as part of a team; positive attitude; capacity to remain flexible and learn new accounting, auditing and technical standards as necessary; and the ability to work well under pressure. Specific Duties: Support SRMCT Security Team with statewide enterprise system(s) access requests as additional resource Lead the semi-annual statewide Department Security Access review and approval process Perform data analysis and risk assessments of state departments: Security roles usage, compliance and access Risk ratings for overall compliance with Comptroller polices, regulations and state finance law Provide technical assistance and advice to Department Security Officers (DSO) on enterprise security access management, and provide advice and assistance to departments on other internal controls and compliance issues Serve as an analyst for the statewide Internal Control Certification (ICC) - (formerly the Internal Control Questionnaire) and sampling statewide queries for other desk reviews Participate in department ICC interviews, desk reviews and virtual and on-site visits Conduct training and retraining of Department Security Officers (DSOs) Maintain updated Security Access Management Guides for enterprise systems (including MMARS and HRCMS) To effectively assess risks, monitor compliance and the effectiveness of robust internal controls, maintain knowledge and understanding of how information systems operate, including software, hardware, and networks Assist with internal training of Comptroller employees on the relationship of department devices (laptops, cell phones, etc.) and fraud awareness/phishing training Review Commonwealth departments' written systems of internal controls and provide technical assistance and advice to departments on internal controls Participate in Incident Responses - protecting enterprise systems, aiding departments with internal control advice, tracking tasks and disabling and restoring enterprise security access roles Assist with data analytics and review of samples for department desk reviews to determine compliance with state finance law and Comptroller policies and regulations Assist SRMCT in review and support of security access, internal controls, IT and Single Audit, cybersecurity and compliance as assigned Remain current on CTR oversight policies All employees of CTR may be asked to engage in other assignments on an as needed basis Bargaining Unit / Salary Range NAGE Unit 6 / Grade 14: $ 77,289.16 - $ 113,024.34 As per the Unit 6 Collective Bargaining Agreement between the Commonwealth of Massachusetts and the National Association of Government Employees the range is based upon a series of steps. Any potential offer is determined based upon an analysis of the minimum entrance requirements, the candidate's relevant work experience and educational achievement level. Benefits Package CTR is pleased to offer a comprehensive benefits package for its employees and managers. The specific components and eligibility may vary based upon position classification, hours worked per week and other variables. Therefore, specific benefits for this position may be discussed as part of the interview and offer process. The overall benefits available include paid vacation, sick and personal leave time, health, dental and vision insurance through the Commonwealth's Group Insurance, and optional pre-tax Health Savings Account plans. Details of the various plans and the cost split between employer and employee may be reviewed by looking at the Group Insurance website, https://www.mass.gov/orgs/group-insurance-commission and/or as part of the interview process. CTR employees also participate in the Commonwealth's State Retirement Plan, which may become a Defined Benefit Plan for those that both vest and subsequently retire from State service. Follow this link for additional retirement information: http://www.mass.gov/treasury/retirement/state-board-of-retire/ In addition, CTR provides employees the opportunity to elect life insurance, long term disability insurance, deferred compensation savings, tuition remission, pre-tax commuter account plans, along with other programs. CTR Hybrid Work Model CTR operates under a hybrid work model. Under this policy, employees are currently required to work a minimum of four business days per month (two set by management and two set by the employee) on-site at CTR's Boston office and may work remotely the remainder of the time at a location approved by their supervisor, so long as they comply with the requirements of the telework policy. Under this policy, all employees must be able to report to the Boston office with little or no notice, even including the same workday should an exigent circumstance arise. Therefore, a reasonable proximity to the office is necessary. CTR does not reimburse for employees to travel to the office. In addition, the successful candidate may be required to work primarily on site in Boston during the initial training and orientation period and/or for certain positions a primarily on-site role may be necessary. Commitment to Diversity CTR is committed to building a diverse staff at all levels across its entire agency. The Commonwealth is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity or expression, sexual orientation, age, disability, national origin, veteran status, or any other basis covered by appropriate law. CTR is an Equal Opportunity Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply. Application Process The Office of the Comptroller encourages interested candidates that meet the minimum entrance requirements and qualifications to apply for this position. Interested candidates must submit their materials electronically, by E-mail no later than 5:00 pm, on August 17, 2025. Submissions should include the following: a cover letter; and resume. Candidates chosen to advance to a second-round interview will also be required to submit: three business writing samples; and three professional references. Please include position title and posting number (FY26-004) in the subject line of your submission. Your application package should be submitted to: CTR-HR@mass.gov Late submissions may be considered solely at the discretion of CTR. Required Background Check- Including Tax Compliance: CTR requires a background check on all prospective employees as a condition of employment. Candidates should know that the background check is not initiated until: A candidate is invited to a second or subsequent interview and The candidate has signed the Background Check Authorization Form and related releases. This background check includes a Criminal Offender Record Information (CORI) check, and Commonwealth Department of Revenue state tax compliance on all prospective employees as a condition of their employment. Candidates with advanced degrees and professional licenses may have these credentials verified. Individuals other than those references provided by a candidate may be contacted in the course of completing a full background and qualification check. Further Information: Please visit https://www.macomptroller.org for more information about the Office of the Comptroller. Preferred Qualifications Experienced user of MMARS, HRCMS, and CIW or other enterprise accounting or payroll systems, or security access management Familiarity with ServiceNow Demonstrated experience in one or more of the following: business analysis or operations, data analytics, security, internal controls, compliance Ability to analyze and critique business processes and evaluate the effectiveness of internal controls Experience with data analytics and/or visualization tools Knowledge of the principles and practices of risk management, internal controls, and fraud detection/prevention Experience implementing Comptroller's Internal Control Guide, ERM principles and Fraud Prevention tools in a Commonwealth Agency Ability to travel within the Greater Boston area and across the Commonwealth of Massachusetts may be required from time to time Required Qualifications General knowledge of working in enterprise systems like MMARS, HRCMS, and CIW, or other state government systems Ability to work both independently and in a team setting Proficiency in assessing the impact of regulations and legislation on business functions Ability to perform accurate and timely research Skilled in the presentation of information through data analysis and interpretation Provide solid and informed advice and recommendations Ability to develop relationships with the operational and management teams at external agencies, partners or clients including with colleagues within the various Business Units of a complex organization Proficiency with Microsoft Office 365 tools Commitment to the Office of the Comptroller's core values of innovation, transparency, integrity, accountability, collaboration, excellence and customer service Minimum Entrance Requirements Applicants must have at least (A) four years of full-time, or equivalent part-time, professional experience in electronic data processing of which (B) at least two years must have been in work in which the major duties included computer systems analysis, or (C) any equivalent combination of the required experience and the substitutions below. SUBSTITUTIONS: I. An Associate's degree with a major in the field of data processing or computer programming may be substituted for a maximum of one year of the required (A) experience. * II. A Bachelor's degree with a major in the field of data processing or computer and/or information science may be substituted for a maximum of two years of the required (A) experience. * III. A Graduate degree with a major in the field of data processing or computer and/or information science may be substituted for a maximum of two years of the required (A) experience. * IV. A diploma for completion of a two year full-time, or equivalent part-time, program in a recognized non-degree granting business or vocational/technical school above the high school level with a major in the field of computer programming may be substituted for a maximum of one year of the required (A) experience. * V. An official transcript from a recognized business or vocational/ technical school as evidence of completion of a program consisting of at least 650 hours of instruction in the field of computer programming may be substituted for a maximum of one year of the required experience. VI. Graduation from the data processing course of a recognized vocational/technical high school may be substituted for a maximum of one year of the required experience. Education toward such a degree or diploma will be prorated on the basis of the proportion of the requirements actually completed. NOTE: No substitution will be allowed for more than two years of the required (A) experience. NOTE: No substitution will be allowed for the three years of the required (B) experience.