.Overview:The Risk Analyst III investigates and analyzes potential areas of risk to GTS (and Herbalife Nutrition), highlighting and quantifying the risks to help drive business decisions. This role must proactively escalate potential risks to leadership and be outspoken in seeking mitigation actions. As this role progresses, the Risk Analyst will gain responsibility in designing and defining the risk analysis and serve as an advisor in GTS.Job Qualifications:DETAILED RESPONSIBILITIES/DUTIES:Implement and maintain GTS Risk Management ProgramDrive GTS risks, controls, and compliance programConduct statistical analyses to determine potential risk and advise leadershipTrack and maintain operational risk registerCapture data SOX compliance and maintain related reportsEnsure data integrity and quality of data reporting prior to distributionCreate risk reports and dashboards for leadershipCreate relevant training material and memos to support regulatory and operational compliance awarenessCoordinate with reporting analysts to communicate analysis to leadershipCoordinate with cross-functional members across GTS functions to collect dataCoordinate with Vendor Management Analyst to identify potential areas of vendor risk and drive mitigation actionsEnsures SOX compliance; tracks deficiencies anddrives mitigation actionsActs as internal and external liaison with auditorsAssist in the development and ongoing review of security policies standards, and procedures in partnership with relevant GTS and Herbalife Nutrition organizationsServes as advisor to GTS Leads in terms of compliance and operational riskPerforms additional duties as assignedSUPERVISORY RESPONSIBILITIES:NoneQUALIFICATIONS:Skills:RequiredProficient in related analysis and risk assessment toolsSOX and GRC (governance, risk, and compliance) experience is a mustCommunication skills to relay results of analysisAbility to build strong relationships across various functions of GTS to be able to preemptively identify and communicate risksCertificates / Training:RequiredIT, risk and security practices, standards and controls (e.G. COBIT, NIST-CSF, CIS-CSC, C2M2, CSOE, ITIL).PreferredCertified Information Systems Auditor (CISA)Experience:Level III5+ years in IT security, risk, controls, audit and regulatory compliance a related rolePreferred: management experience in an IT security, risk, controls, audit and regulatory compliance settingEducation:RequiredBachelor's in computer science, risk management, or related degreePrinciples & Related Competencies:EthicalComplies with policies and procedures; Takes the high road andupholds our values; Maintains confidentiality; Acts with integrity, honesty and respect