Senior Analyst, Business & Tech Risk Integration

About The Position

Requirements

• Bachelor's Degree Bachelor’s degree in IT Risk Management, Information Systems, Business or a related field plus 4 years of related work experience OR a combination of education and experience deemed equivalent (Required)
• 4-7 years - IT risk management, IT compliance, enterprise risk, audit, or similar roles
• Working knowledge of risk and control frameworks (SOX, NIST, ISO 27001, COSO, COBIT). (Required)
• Familiarity with automation, AI governance concepts, cloud-based risk considerations, and Agile scrum methodology. (Required)
• Strong analytical, documentation, and problem-solving skills. (Required)
• Effective communicator with the ability to partner across business and technical teams. (Required)

Nice To Haves

• Certifications such as CPA, CIA, CISA, CRISC, CISM, CISSP or Agile/Six Sigma are a plus. (Preferred)

Responsibilities

• Risk Identification & Assessment:
• Conduct proactive risk assessments across business and IT initiatives, including cloud migrations, system implementation, automation rollouts, process transformation, and AI use cases.
• Design and evaluate end-to-end business systems architecture and processes to identify and manage SOX, operational, and other compliance domain risks.
• Assess and analyze current processes, controls, and systems to identify optimization opportunities and manage the implementation of corrective actions for compliance deficiencies.
• Support the development of risk scenarios and impact/likelihood models to assess level of risk and anticipate potential control failures.
• Control Integration & Transformation
• Assist in modernizing the control environment by helping transition from manual controls to automated and embedded processes.
• Design and build technology and business controls to mitigate risks leveraging GRC systems and standards such as SOX, NIST, COBIT and accounting/audit standards: o IT General Controls, (e.g. access management, change management, and computer operations) o Data integrity over data transfers, transformation, migration and reports o Agile system development lifecycle controls (SDLC)
• Collaborate with IT, Compliance, and Business partners to ensure controls are scalable, efficient, and aligned to enterprise risk appetite.
• Support implementation of continuous monitoring techniques using GRC platforms or data-driven reporting.
• Project & Change Risk Advisory
• Manage the end-to-end risk program for IT projects to identify risk and control requirements, and operationalize these changes, including training for control owners.
• Assess the impact of business and IT changes on the control environment, recommending practical mitigation steps.
• Track and manage risk issues through remediation cycles.
• Collaboration & Enablement
• Act as a liaison between Technology, Compliance, Audit, and Business stakeholders to ensure risks and responsibilities are clearly communicated.
• Translate technical risk concepts into business-relevant language to support informed decision-making.
• Contribute to cross-functional workshops on AI, automation, and emerging technology risk awareness.
• Monitoring & Reporting
• Develop and maintain reporting and dashboards on key risk indicators, control health, and mitigation progress across domains.
• Support audit readiness by ensuring documentation, evidence, and process narratives are complete and accessible.
• Leverage data visualization tools to deliver clear and actionable insights to stakeholders.

Benefits

• Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches.
• employees in regular, non-temporary roles are eligible for an annual bonus or periodic sales incentive or bonus, based on their role.
• Most Corporate employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of the employee’s eligible earnings in the prior year.
• medical, dental and vision insurance, a flexible spending account, 401(k), employee stock grants, employee stock purchase plan, paid time off and up to 12 paid holidays - which total about 4 weeks for new full-time employees and about 2.5 weeks for new part-time employees annually - paid parental and family leave, family building benefits, back-up care, enhanced family support, childcare subsidy, tuition assistance, college coaching, short- and long-term disability, voluntary AD&D coverage, voluntary accident coverage, voluntary life insurance, voluntary disability insurance, and voluntary long-term care insurance.
• eligible employees can also receive mobile service & home internet discounts, pet insurance, and access to commuter and transit programs!