Technology Risk & Control Associate

About The Position

Requirements

• BS/BA in Information Systems, Engineering, Computer Science/MIS, Business Administration, or relevant experience with areas of focus in Technology, Accounting, Finance, or Information Security.
• 3+ years of experience, or combination of, IT Audit/Assessment and IT Risk preferred. Experience in financial services, management consulting, and/or insurance industry is a plus. Previous exposure to Insurance business operations preferred but not required
• 3+ years of experience within technology risk, control, and governance, IT Internal Audit or SOX disciplines in financial industry
• Foundational understanding of the Technology Risk lifecycle (Identify, Assess, Treat, Monitor).
• Ability to document and track control deficiencies, risk findings, and action plans clearly and concisely.
• Basic knowledge of core IT concepts (Networking, Cloud Computing, Operating Systems, Application Development Lifecycle, Cyber Security basics).
• Familiarity with Policy and Standard compliance and the importance of evidence collection.
• Ability to write and optimize basic to moderately complex queries for data extraction and manipulation from various data sources.
• Experience creating insightful dashboards and reports using tools like Power BI, Qlikview, or Tableau. Ability to tell a story with data.
• Advanced proficiency in Microsoft Excel for rapid data analysis.
• Ability to ensure data integrity and accuracy in all reports; strong attention to detail in presentation and documentation.
• Communication: Excellent written and verbal communication skills; ability to articulate technical data/risk concepts to both technical and non-technical stakeholders.
• Problem-Solving: Strong analytical and critical thinking abilities to diagnose data anomalies and investigate risk events.
• Organization & Time Management: Ability to manage multiple tasks and deadlines simultaneously while maintaining high-quality output.
• Learning Agility: High curiosity and motivation to quickly learn new tools, technologies, and evolving risk landscapes.
• Collaboration: Proven ability to work effectively within a team environment and interact professionally with cross-functional partners.

Nice To Haves

• CISA, CISSP, CISM, CRISC, CGEIT, or other relevant certification is desired; non-certified hires are encouraged to become certified within 2 years from the date of hire
• Experience in financial services, management consulting, and/or insurance industry is a plus.
• Previous exposure to Insurance business operations preferred but not required

Responsibilities

• Data Analytics and Reporting:
• Develop, enhance, and automate dashboards and reports using tools such as Power BI, Qlikview, Tableau, or Excel.
• Collect, clean, and normalize datasets from multiple systems to support analytics and insights.
• Conduct ad-hoc data analysis to support leadership decisions, technology performance metrics, and operational insights.
• Build repeatable reporting mechanisms to track risks, controls, and operational performance for Management reporting.
• Maintain data quality standards and ensure integrity across reporting sources.
• Technology Risk Management
• Assist in conducting risk assessments across Technology processes, applications, and platforms.
• Support issue and risk event lifecycle management, including documentation, root-cause analysis, and remediation tracking.
• Perform control testing and evidence collection as part of risk and controls self-assessment activities.
• Maintain risk registers, dashboards, and reporting materials for Technology Risk leadership.
• Partner with stakeholders across technology teams to translate risk requirements into actionable tasks.