Analyst, IT Security

Raymond James•Saint Petersburg, FL

20h•Hybrid

About The Position

The ideal candidate will bring a strong technical and analytical foundation, including experience with data analysis, scripting, and structured testing methodologies. The role will focus on executing test plans, validating indicator logic, and performing reconciliation to source systems to ensure completeness and accuracy of control outputs. Additionally, the analyst will support ongoing management of the control inventory within ServiceNow, including updating control language, maintaining ownership assignments, documenting control narratives, and developing an understanding of underlying processes. The role will also involve analyzing control issues and indicator results, identifying anomalies, and applying critical thinking to develop and test edge-case scenarios and threshold-based behaviors. This position requires strong attention to detail, problem-solving skills, and the ability to collaborate across technology and risk teams to support a scalable and well-controlled environment. This position follows our hybrid workstyle policy: Expected to be in a Raymond James office location a minimum of 10-12 days a month. Please note: This role is not eligible for Work Visa sponsorship, either currently or in the future.

Requirements

Foundational knowledge of IT risk and control concepts
Experience with programming, data analysis, or system testing
Experience with data analysis, scripting, or programming (e.g., Python, SQL, PowerShell)
Understanding of software development lifecycle (SDLC) and QA/testing methodologies (unit, integration, UAT)
Ability to design and execute test cases, including edge cases and negative scenarios
Experience working with data sets, normalization, and comparison/reconciliation techniques
Familiarity with cybersecurity concepts and frameworks (e.g., vulnerability management, compliance standards)
Strong analytical, problem-solving, and critical thinking skills
Ability to document processes, testing results, and control narratives clearly for audit purposes
Exposure to QA/testing practices or software development environments
Strong interest in cybersecurity, risk, and control assurance
Ability to analyze data, identify patterns, and troubleshoot discrepancies
Strong communication skills with ability to document findings clearly
Create reports, and review reports created by others, for various audiences as relevant, in a lucid and effective manner, keeping in mind the purpose of reports.

Responsibilities

Gather information and analyze risk data for recommendations to the risk modeling and risk scenarios.
Develop knowledge and understanding of the organization's policies and procedures and of relevant regulatory codes and codes of conduct to ensure own work adheres to those standards.
Obtain authorization from a supervisor or manager for any exceptions from mandatory procedure.
Interpret data and identify possible answers. Involves navigating a wide variety of processes, procedures, and precedents.
Implement required security measures, such as firewalls or message encryption, monitoring performance to notify security experts of any problems.
Identify, assess, prioritize and manage risks.
Model, analyze, assess, and quantify the impact and probability of various risk scenarios, and select the most appropriate course of action for the given situation.
Analyze potential solutions and create recommendations based on the expected benefits, costs, and overall value of the solution for key stakeholders.