Back to Jobs
R

IT Risk Analyst

Rockland TrustPosted 1 day ago
Full TimeMid
LocationUnited States
Work ArrangementOn-Site
Salary Range$72,000 – $90,000 / year
Experience2-5 years

Job Description

Rockland Trust Company (the Bank) is currently seeking an IT Risk Analyst to enhance our growing IT Risk Management team.  As a member of the team, this position will provide practical and technical IT risk assessment expertise.

The IT Risk Analyst’s primary responsibility will be to conduct various risk assessments, including control design assessments, and control operating effectiveness testing for core IT processes, and devices, among other things.  The details of assessment and testing performed will be recorded in the Bank’s systems of record, and results will be communicated to the appropriate stakeholders. The IT Risk Analyst will play a significant role in engaging various IT owners and contacts across business areas while assessing risk. This role will require close collaboration with application and infrastructure teams to define and assess risks, document and evaluate control design, and test control operating effectiveness. Further, the IT Risk Analyst will participate in the design and evaluation of proposed remediation plans for noted issues to support compliance with prescribed requirements.

The IT Risk Analyst will be encouraged to identify opportunities to automate the risk assessment process across the Bank and implement other compliance automation tools. The IT Risk Analyst may work on other regulatory and process risk assessment programs as well. Assessment duties assigned to this role require continuous development of knowledge regarding specific requirements, risks, and controls across a range of technologies, applications, processes, and infrastructure.

Responsibilities: 

  • Assist with the development and enhancement of Bank-wide technology risk assessment programs, by way of understanding regulations, rules, and requirements to which the Bank is subject, assessing risk against those standards, assessing control design against specified risks, and executing control operating effectiveness testing to determine overall control effectiveness as it relates to specific risks
  • Conduct application and device risk assessments to gather risk specific information about technology applications and across various infrastructure components (network, storage, voice, etc.) to allow for risk assessment, design assessment, and control operating effectiveness testing
  • Conduct initial interviews/walkthroughs with key stakeholders to establish understanding of controls that exist within the application or process to ensure that relevant controls are accurately documented and inventoried
  • Frequent close collaboration with a wide range of stakeholders, both IT and non-IT, to perform the IT Risk Analyst’s duties, including walkthroughs, evidence gathering, and testing 
  • Partner with key stakeholders to identify and assess proposed plans to remediate identified issues and/or deficiencies and provide relevant input
  • Participate in communications between IT/IS and the levying entity to serve as point of contact for issues handling (as agreed upon)
  • In conjunction with the rest of the team, inform key stakeholders of assessment results based on the procedures performed, and the impact those results have on the Bank
  • Document work performed, including supporting evidence, and results thereof in the Bank’s system of record
  • Participate in the continuous improvement efforts of the IT Risk Assessment Team to enhance the risk assessment process and continue adding value to the overall program

  • Demonstrate a proactive mindset for security education, awareness, and the IT environment

     

     

Requirements:

  • Bachelor's degree, preferably in Accounting, Cybersecurity (Information Assurance), Computer Science, Information Technology, or similar 
  • Financial services industry experience, or previous history of successfully navigating a highly regulated and matrixed environment 
  • Detail oriented with the ability to examine and evaluate processes, controls, and issues to contribute to the successful and appropriate assessment of risk, while understanding how this applies to the holistic performance of the company
  • Articulate and support responses to audit or other types of findings
  • Ability to both work independently and collaborate effectively within a broader team and organization 
  • Excellent verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, key stakeholders, team members, and other groups involved in the technology risk assessment process
  • Basic project and time management skills and ability to meet deadlines
  • Exposure to risk frameworks such as NIST, CIS, COBIT, or ISO preferred
About the Company
R
Rockland Trust
1 open position
View all jobs →
Similar Jobs