Sr. IT Risk Analyst

About The Position

Requirements

• Bachelor’s degree in information technology, Cybersecurity, Risk Management, or related field (or equivalent experience).
• 5-10+ years of experience in IT risk, audit, information security, or technology governance.
• Strong knowledge of IT controls frameworks (e.g., COBIT, NIST, ISO 27001) and regulatory requirements (SOX, FFIEC, SOC, etc.).
• Experience working with audit functions and responding to regulatory reviews.
• Ability to analyze control gaps and articulate risks clearly to technical and non-technical stakeholders.
• Strong analytical and problem-solving skills
• Excellent communication and documentation abilities
• Detail-oriented with strong organizational skills
• Ability to manage multiple concurrent audits and priorities
• Collaborative mindset with the ability to work across IT, audit, and compliance functions
• Occasional travel may be required

Nice To Haves

• Professional certifications such as CISA, CRISC, CISSP, CIA, or similar.
• Experience with GRC platforms (e.g., Archer, ServiceNow GRC, MetricStream).
• Familiarity with cloud technologies (AWS, Azure, GCP) and related risk assessments.
• Prior first line Technology experience.

Responsibilities

• Audit & Regulatory Coordination Coordinate audit preparation activities—including scheduling, evidence collection, and stakeholder communication—for internal audits and regulatory examinations (e.g., FDIC, SOX, SOC, and other technology-focused reviews).
• Serve as the primary liaison between Internal Audit, IT, and Compliance teams to ensure timely and accurate responses to audit inquiries.
• Oversee and track remediation activities; validate completion and effectiveness of corrective actions for technology-related audit findings.
• Participate in readiness assessments and pre-audit walkthroughs to identify issues before formal reviews begin.
• Technology Risk Assessment & Control Evaluation Conduct comprehensive Technology Risk Assessments, identifying inherent and residual risks across infrastructure, applications, security, and cloud environments.
• Evaluate the design and operating effectiveness of technology controls, including IT General Controls (ITGCs), logical access, change management, operations, and security controls.
• Perform independent control testing to verify compliance with policies, standards, and regulatory requirements.
• Advise IT leadership on control gaps, deficiencies, risks, and recommended remediation strategies.
• Governance, Risk, and Compliance (GRC) Support Provide risk insights for new initiatives, technology implementations, cloud migrations, and major IT projects.
• Support enhancements to the IT risk management framework, control library, and GRC tooling.
• Monitor emerging technology risks and collaborate with stakeholders to develop mitigating controls.
• Contribute to the development and maintenance of IT policies, standards, and procedures.

Benefits

• Competitive Pay , including a Bonus Target or Variable Pay Incentive Program
• Benefits Package -Medical, Dental, and Vision (plus much more)
• 401(k) Plan with Company Match
• Short- & Long-Term Disability
• Wellness Programs
• Group Life and AD&D Insurance
• Paid Vacation, Sick Days and bank Holidays
• Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition