IT Risk Analyst Job Description
IT risk analyst
provides advisory services related to internal controls, risk assessments, risk management, IT controls, related standards (HIPAA, HITECH, NIST, etc.) and corrective action plans.
IT Risk Analyst Duties & Responsibilities
To write an effective IT risk analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included IT risk analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Analyse and produce functional specifications arising from the requirements of users
Develop and execute test plans for integration testing to ensure business requirements have been met
Analyse and respond to complex queries and issues from risk managers and other users relating not only to current projects but also to runtime system functionality and future concepts/ideas
Mentor more Junior Analysts in the team
Manages financial operations for Risk IT which includes invoice management, SOW management, month end close, inter-region journal entries, cost center investigations, professional service fee accruals, and the overall integrity of portfolio financials
Assists in forecasting and planning cycles, including monthly/quarterly project forecasts, annual IT planning, and quarterly finance cost center forecasts
Assists in the creation and support of the Month End Closure cycle covering IT Risk, Project management, financials and resource reporting
Supports business solutions that support the monthly recovery cycle, improving the recovery cycle
Supports and participates in the evaluation of 3rd party vendor data, internal project data and internal expense management reporting
Provides group analytical services supporting the Risk IT team
IT Risk Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Risk Analyst
List any licenses or certifications required by the position: CISA, CISSP, CISM, CRISC, ISACA, SOX, CRSC, ISO, CISCO, SAFR
Education for IT Risk Analyst
Typically a job would require a certain level of education.
Employers hiring for the IT risk analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Business, Management, Information Technology, Financial Services, Information Systems, Education, Accounting, Finance, Performance
Skills for IT Risk Analyst
Desired skills for IT risk analyst include:
ISO
IT Infrastructure Library and ISO 20000
IT policies
NIST
Risk Assessments
Change management
ITIL
3rd party/vendor management lifecycle
Broad range of standards and frameworks — for example
IT risk concepts
Desired experience for IT risk analyst includes:
Knowledge of Governance, Risk and Compliance frameworks (COSO, COBIT etc)
Experience leading and coaching teams as they perform assessments to evaluate controls, security, SOD, and execute audit procedures
Comfortable interfacing with cross functional teams on projects leading the planning and execution of projects
Experience identifying key risks and controls, recommending improved controls, performing controls readiness projects and identifying and assessing configuration of controls in financial reporting related business processes
Working knowledge of security products such as RACF
Exposure to server and database administration principles and practices
IT Risk Analyst Examples
1
IT Risk Analyst Job Description
Job Description Example
Our innovative and growing company is hiring for an IT risk analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT risk analyst
- Lead requirements prioritization and leverage techniques to drive out business priorities
- Apply key elicitation techniques and advanced facilitation techniques to conduct large workshops
- Analyze and document scope of the business solution using enterprise-standard requirements process and techniques
- Build and maintain a repository of reusable requirements documentation to support future initiatives
- Conduct requirements walkthroughs and facilitate sign-off with stakeholders
- Validate test cases and ensure they provide full coverage of the critical requirements
- Work with business users to determine high level requirements for liquidity risk system
- Work with the development team to shape system design
- Write business rules to process trade and reference data in liquidity risk system
- Assist in optimization of business rules and stress scenarios
Qualifications for IT risk analyst
- Four or more years of relevant information technology audit experience with ICFR IT audits
- Strong understanding of PCAOB and SEC requirements for compliance with SOX
- The role requires a good working knowledge of credit risk business within a systems environment
- Experience in Requirement Gathering, Use Case Modelling tools
- Bachelor’s degree and 3-5 years experience within IT risk related discipline
- Extensive functional skills within the PB CRM (Credit Risk Management) domain (process, system, methodologies) especially on PB/WM lending and Credit Risk monitoring side
2
IT Risk Analyst Job Description
Job Description Example
Our innovative and growing company is hiring for an IT risk analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT risk analyst
- Perform selected IT Risk Assessments on IT projects and controls
- Responsible for providing required data for the management reporting and dashboards as part of the risk & controls horizontal function
- Work with Infrastructure & Applications Teams to track details on open Audit items
- Including a structured statement of the risk, ownership, and progress of work that is being done to ensure the critical and major items are closed out correctly within the agreed timelines
- Develop, recommend, influence and coach Infrastructure/Application teams to make changes to current process, policy and workflow to reduce risk, avoid critical audit findings, and manage technology life cycles
- Educate, advertise, and communicate using all available channels to establish an environment that fosters a risk-conscious and security aware culture at all levels of the Organization
- Implement and execute follow up procedures to go back and check on signed off Audit Items to ensure continued adherence to processes that were put in place as part of the Audit Item sign off
- Work across Infrastructure/Application teams to develop, capture and replicate best practices that utilize activity and resource management to ensure timely closure of all critical and major audit items
- Provide regular updates to the risk & controls team and IT line management on the progress made around ongoing initiatives for risk, audit, controls & legacy technology
- Works closely with the IT infrastructure/application teams in executing the risk, audit & controls strategy
Qualifications for IT risk analyst
- Experience on PB Core banking and Credit Risk systems (T24)
- Degree level qualification in computing
- FDSF, FRTB, SFTQ related scenario/risk analysis
- New product/services integration including Structured Notes and complex OTC derivatives
- Risk rationalization program
- Front office sourcing
3
IT Risk Analyst Job Description
Job Description Example
Our growing company is looking to fill the role of IT risk analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT risk analyst
- Knowledge of and support of enterprise compliance efforts and assist with enterprise cyber and technology risk assessments
- Performs and leads risk assessments by analyzing existing security posture, identifying gaps and provides recommendations to mitigate risks
- Ensures that existing control practices and procedures are documented
- Designs new computer programs by analyzing business/modelling requirements
- Reviews customer requests for information (RFI) or proposals (RFP) related to the protection of information, IT compliance, and technical support services and provides required data
- Maintains and implements IS Risk Management frameworks, assessment methodologies, and tools
- Provides assistance to IT Audit, Internal Audit, and other departments regarding IS Risk Management issues and controls
- Monitors risk notifications from vendors and assists with appropriate documentation and responses
- Consults with Enterprise Risk Management leaders on strategic and risk related issues and problems as needed
- Provide 1B review and approval on all T&O Issues relating to security exemptions and risk acceptance
Qualifications for IT risk analyst
- 10 or more years of experience in requirements engineering in PB Credit Risk areas
- Minimum of 5 years experience working in Capital Risk Management within the financial industry
- Minimum of 3 years experience working with Capital Risk Management application projects
- 5+ years experience with HTML/JavaScript/XML/JSP server side Java-based environment
- 5+ years experience with J2EE
- 2+ years experience with SUSE Linux 11 64 bit, WebLogic 10, BEA jRocket orTomcat/JBoss
4
IT Risk Analyst Job Description
Job Description Example
Our growing company is searching for experienced candidates for the position of IT risk analyst. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for IT risk analyst
- Provide liaison to IT Risk CoG on standard and policies as directed
- Review and define gap analysis as directed
- Define implementation approach and assist T&O segments as directed
- Consult with ORM managers on IT Risk where additional technical support is required
- Function as a security consultant with the T&O Operational Risk team
- Business analysis / requirements gathering on risk programs
- Delivery of Quarterly Vulnerability Scans
- Assist as needed with Vulnerability Remediation
- Contributes to the audit planning process
- Collaborates on enterprise solutions focused in the areas of network (LAN, WAN, Wireless) and data center technologies
Qualifications for IT risk analyst
- 3+ year experience with PVCS or Accurev, ANT
- 5+ year experience with a Java-based IDE
- 2nd line / technical level application support experience
- Exposure to FO trading environment with full front to back tradeflow exposure
- Good understanding of financial valuations, including p&l and different risk calculations
- Good static and market data expertise
5
IT Risk Analyst Job Description
Job Description Example
Our company is growing rapidly and is looking for an IT risk analyst. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT risk analyst
- Identify and document business risks, and coordinate remediation of vulnerabilities and threats using repeatable risk assessment methodologies and processes
- Stay abreast of information security issues and regulatory changes affecting public companies
- Manages IT risk issue database by proactively collaborating with various key leads to generate risk posture dashboards and reports ensuring the accuracy of the data and associated reports
- Coordinates with auditors and IT audit contacts for the preparation and the facilitation of audit procedures for IT general computer controls, SDLC and IT security
- Performs analysis of potential control enhancement and facilitates the implementation of the recommendations
- Understands and analyze IT processes with the aim of to identify, recommend and deliver improvements to strengthen internal controls
- Ensures that enterprise-wide security policies and controls are developed, implemented, and regularly maintained in such a way as to mitigate both organizational and regulatory risk
- Develops summaries, reports and key risk profiles to identify vulnerabilities and trends to proactively inform the IT stakeholders
- Proactive analysis in project assessments to support Emerging Technology implementation in CG like Cloud/Hosted Services, Process Automation and Multi-Modal IT
- Provides other functions deemed necessary and applicable by executive leadership
Qualifications for IT risk analyst
- Use initiative and creativity in solving issues
- Experience of coordinating and line managing large teams
- Proactively engage with little or no formal direction
- Capacity and passion to learn and willingness to take on challenges
- Ability to assimilate unaccustomed knowledge and concepts
- Ability to manage ambiguity in an evolving environment and solution-minded