.Overview:The Risk Analyst III investigates and analyzes potential areas of risk to GTS (and Herbalife Nutrition), highlighting and quantifying the risks to help drive business decisions. This role must proactively escalate potential risks to leadership and be outspoken in seeking mitigation actions. As this role progresses, the Risk Analyst will gain responsibility in designing and defining the risk analysis and serve as an advisor in GTS.Job Qualifications: DETAILED RESPONSIBILITIES/DUTIES:- Implement and maintain GTS Risk Management Program- Drive GTS risks, controls, and compliance program- Conduct statistical analyses to determine potential risk and advise leadership- Track and maintain operational risk register- Capture data SOX compliance and maintain related reports- Ensure data integrity and quality of data reporting prior to distribution- Create risk reports and dashboards for leadership- Create relevant training material and memos to support regulatory and operational compliance awareness- Coordinate with reporting analysts to communicate analysis to leadership- Coordinate with cross-functional members across GTS functions to collect data- Coordinate with Vendor Management Analyst to identify potential areas of vendor risk and drive mitigation actions- Ensures SOX compliance; tracks deficiencies anddrives mitigation actions- Acts as internal and external liaison with auditors- Assist in the development and ongoing review of security policies standards, and procedures in partnership with relevant GTS and Herbalife Nutrition organizations- Serves as advisor to GTS Leads in terms of compliance and operational risk- Performs additional duties as assignedSUPERVISORY RESPONSIBILITIES:NoneQUALIFICATIONS:**Skills**: Required- Proficient in related analysis and risk assessment tools- SOX and GRC (governance, risk, and compliance) experience is a must- Communication skills to relay results of analysis- Ability to build strong relationships across various functions of GTS to be able to preemptively identify and communicate risksCertificates / Training: Required- IT, risk and security practices, standards and controls (e.G. COBIT, NIST-CSF, CIS-CSC, C2M2, CSOE, ITIL).Preferred- Certified Information Systems Auditor (CISA)**Experience**: Level III- 5+ years in IT security, risk, controls, audit and regulatory compliance a related role- Preferred: management experience in an IT security, risk, controls, audit and regulatory compliance setting**Education**: Required- Bachelor's in computer science, risk management, or related degreePrinciples & Related Competencies: Ethical- Complies with policies and procedures; Takes the high road andupholds our values; Maintains confidentiality; Acts with integrity, honesty and respect