Senior Governance & Risk Analyst

Zs-posted 12 days ago
Full-time • Mid Level
Hybrid • Chicago, IL
11-50 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS. Senior Governance & Risk Analyst ZS IT Support teams are aligned with the company's business strategy and operating model and aims to provide its 4000 plus employees and their clients the right tools and information for high performance. The IT organization focuses on providing products and services to ZS to ensure successful business outcomes. This involves providing a scalable, sustainable and reliable IT infrastructure, customized applications, messaging and collaboration products, Business Intelligence and Database administration support along with a reliable 247 uninterrupted high-quality technology support services. What You'll Do: We are seeking applicants for the position of Senior Analyst - Governance and Risk team to join our US IT Governance, Risk and Compliance team. The position will support various management directed, IT risk governance initiatives which include following job requirements: The primary responsibility of this role is to perform comprehensive risk assessments, including vendor due diligence, process/project security risk assessments, and maintaining the risk register. The successful candidate will possess a strong understanding of IT risk management principles and will play a crucial role in identifying, assessing, and mitigating risks to ensure the security and stability of our organizational infrastructure. It requires strong analytical skills, familiarity with security domains, and the ability to communicate risk insights clearly and effectively.

  • Risk Assessments: Perform assessments for vendors, processes, and projects to identify security gaps and recommend controls.
  • Evaluate risks across IT systems, applications, infrastructure, and third-party engagements.
  • Document assessment findings with clear rationale and actionable recommendations.
  • VRA Execution & Risk Register Management: Perform vendor risk assessments to evaluate third-party security posture, document findings, and recommend mitigation strategies aligned with organizational standards.
  • Maintain and update the risk register, ensuring accurate classification, ownership mapping, and closure tracking across all active and draft risks.
  • Collaborate with internal teams (e.g., security, legal, procurement) and external stakeholders to ensure risk documentation is complete, validated, and aligned with business priorities.
  • Conduct periodic risk hygiene activities, including archival of outdated risks, evidence collection, and exception tracking.
  • Ensure all risk-related documentation is clear, complete, and accessible for stakeholders, supporting decision-making and compliance readiness.
  • Compliance & Controls: Apply knowledge of regulatory standards (e.g., ISO, NIST, GDPR) to assess and document compliance.
  • Support the implementation of security policies and control frameworks across business functions.
  • Monitor control effectiveness and suggest improvements where needed.
  • Reporting & Communication: Prepare risk reports with summaries of findings, impact analysis, and mitigation plans.
  • Share updates on risk trends, exceptions, and closure progress on a regular cadence.
  • Communicate technical risk concepts in a clear, accessible format for non-technical audiences
  • Bachelor's degree in Computer Science, Information Systems, or a related field (master's degree is a plus).
  • Minimum of 4-6 of years' experience in IT risk management, IT governance or related field.
  • Strong understanding and knowledge of IT risk assessment methodologies, frameworks industry best practices and regulatory requirements (GDPR, HIPAA, PCI DSS).
  • Strong experience with vendor risk management and security risk assessments .
  • High proficiency in using risk assessment tools and technologies.
  • Excellent analytical and problem-solving skills.
  • Strong written and verbal communication skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences.
  • Strong organizational and time management skills, with the ability to manage multiple priorities and deadlines.
  • Professional appearance and demeanor, with ability to exercise good judgment and discretion.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Relevant certifications such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are preferred, ISO 27001.
  • ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development.
  • Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.
  • We are committed to giving our employees a flexible and connected way of working.
  • A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week.
  • The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Track Jobs with Teal

Job Search Resources

Resume Builder
Financial Risk Analyst Resume Examples
Financial Risk Analyst Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service