Technology Risk Analyst
About The Position
Within Harris Williams Compliance and Risk team, the Technology Risk Analyst will be an integral individual contributor to the IT security team, focused on key programs and initiatives that enable us to effectively identify and reduce risk to the firm. This role will leverage skills in technology risk management, developing and supporting risk solutions that protect our firm, our clients and our ability to remain a market leader. This is a newly created role with the opportunity to help build and scale the Technology Risk program. It is a high-impact position focused on improving structure, documentation, and operational effectiveness, offering exposure to a broad range of technology risk and compliance activities without requiring deep prior expertise. The role provides an opportunity to work closely with senior leadership and key stakeholders across IT and Risk, and is a hands-on role with ownership of core processes, including tracking, documentation, and coordination. There is significant growth potential as the program expands, with opportunities to take on increased responsibility over time.
Requirements
- Degree in information systems, business or related experience.
- 1-4 years’ experience in IT security and compliance best practices and frameworks (NIST CSF, ISO 27001/9001, COBIT / SOx, PCI, HIPAA)
- Experience developing an effective control environment related to financial services or technology products and services.
- Ability to work across matrixed teams to effectively balance risks and opportunity costs through prioritization to effectively execute assigned tasks.
- Excellent interpersonal communication skills and the ability to influence and effectively tailor messages to a variety of audiences.
- High degree of professionalism, organization, proactivity and curiosity.
- A clear understanding of requirements, controls, and testing methodologies.
- Passion for technology, operational excellence and a keen focus on ensuring an exceptional client experience.
- Candidates must be authorized to work in the U.S. without sponsorship.
Nice To Haves
- Relevant professional, compliance and/or security certifications (CISA, CRISC, ITIL, CGEIT, PMP).
- Access Control (AC)
- Building Architecture
- Customer Solutions
- Disaster Recovery Planning
- Information Security
- Network Security
- Physical Security
- Risk Assessments
- Security Technologies
- Analytical Thinking
- Effective Communications
- Information Assurance
- Information Security Management
- Information Security Technologies
- IT Environment
- IT Standards, Procedures & Policies
- IT Systems Management
- Problem Solving
- Software Security Assurance
Responsibilities
- Support the CTO, CCO and their designees in successful management of the IT risk portfolio and identified priorities.
- Track a consolidated program for all interactions between HarrisWilliams IT / Security and PNC teams (meetings, control schedule, KRIs, assessments, etc.).
- Outline strategic roadmap for the Technology Risk program (platforms, people, processes).
- Develop deep familiarity with parent company structure, as a liaison with all lines of defense to organize compliance cycles, execute controls and measure performance towards subsidiary risk management objectives.
- Continually seek to identify opportunities for improvement and efficiency.
- Support the Technology Risk Lead with technology risk and the proper application of technical and procedural risk principles to enterprise IT environments and practices.
- Assist with coordinating the firm’s response for IT assessments and inquiries, prepare agendas and materials, record and track action items to closure with the firm’s IT, parent company counterparts, auditors and regulators.
- Evaluate and consult on the risks associated with strategic priorities or major programs and projects, formulating targeted recommendations and guidance.
- Collaborate and partner with the business and key stakeholders in creating recommendations to ensure alignment with defined priorities.
- Contribute to comprehensive program updates regarding portfolio prioritization, progress, trends and effectiveness.
- Establish and maintain technology risk register and related security and compliance maturity frameworks.
- Support the identification, assessment, and prioritization of technology risks across the organization's IT landscape.
- Support the lifecycle for IT policy and procedure inventory management.
- Focus efforts on key areas of primary broker dealer risks, including security and privacy of firm, employee and client information, data classification, vendors, and AI.
- Assist with new and renewing vendors and ensure they are successfully processed through the firm’s vendor risk process.
- Partner with the Risk Manager to build a cohesive and effective risk program.
Benefits
- medical/prescription drug coverage (with a Health Savings Account feature)
- dental and vision options
- employee and spouse/child life insurance
- short and long-term disability protection
- 401(k) with PNC match
- pension and stock purchase plans
- dependent care reimbursement account
- back-up child/elder care
- adoption, surrogacy, and doula reimbursement
- educational assistance, including select programs fully paid
- a robust wellness program with financial incentives
- maternity and/or parental leave
- up to 11 paid holidays each year
- 9 occasional absence days each year, unless otherwise required by law
- between 15 to 25 vacation days each year, depending on career level; and years of service.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
