Senior, Technology GRC Analyst
Together Credit Union•St. Louis, MO
•Hybrid
About The Position
The Senior Technology GRC Analyst helps the organization understand and manage technology and information security risks before they become larger issues. This role provides independent oversight of technology and cybersecurity risks, evaluates the effectiveness of controls, and helps leaders make informed decisions about risk. The position supports regulatory compliance, organizational preparedness, and the protection of organizational assets by identifying gaps, emerging risks, and opportunities to strengthen the overall control environment.
Requirements
- High school diploma or equivalent
- 3+ years of financial industry experience such as Technology, Fraud, Operations, or Risk and Compliance or relevant transferable experience
Nice To Haves
- 5+ years of financial industry experience such as Technology, Fraud, Operations, or Risk and Compliance or relevant transferable experience
- Certified in Risk and Information Systems Control (CRISC)
Responsibilities
- Conduct complex risk assessments of existing and proposed technology assets, services, and operations to identify vulnerabilities, threats, control gaps, and emerging risks; provide recommendations to support risk informed decision making
- Prepare clear, actionable risk reports and dashboards for leadership, highlighting key findings, trends, and remediation progress
- Review, test, and validate the effectiveness of controls against established frameworks, regulatory requirements, and organizational standards; identify control gaps and provide recommendations to strengthen the control environment
- Monitor and report compliance with applicable technology, cybersecurity, privacy, and regulatory requirements; identify potential concerns and validate corrective actions implemented to address identified issues
- Advise stakeholders on the development and ongoing improvement of security standards and procedures to strengthen the organization's control environment and address emerging risks
- Provide independent review and challenge of technology and information security risks, control effectiveness, remediation plans, and risk acceptance decisions; consult with stakeholders on risk mitigation strategies and control considerations
- Participate in post incident response and post reviews to assess response effectiveness, identify control or process weaknesses, and provide recommendations to strengthen business continuity and disaster recovery preparedness
- Assess technology and information security risks associated with third party relationships and provide recommendations to support vendor risk management activities
- Coordinate findings and remediation activities related to internal and external audits, examinations, and assessments; validate corrective actions and identify recurring risk themes or control weaknesses
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
High school or GED
