IT Risk Analyst Job Description
IT Risk Analyst Duties & Responsibilities
To write an effective IT risk analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included IT risk analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Risk Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Risk Analyst
List any licenses or certifications required by the position: CISA, CISSP, CISM, CRISC, ISACA, SOX, CRSC, ISO, CISCO, SAFR
Education for IT Risk Analyst
Typically a job would require a certain level of education.
Employers hiring for the IT risk analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Business, Management, Information Technology, Financial Services, Information Systems, Education, Accounting, Finance, Performance
Skills for IT Risk Analyst
Desired skills for IT risk analyst include:
Desired experience for IT risk analyst includes:
IT Risk Analyst Examples
IT Risk Analyst Job Description
- Lead requirements prioritization and leverage techniques to drive out business priorities
- Apply key elicitation techniques and advanced facilitation techniques to conduct large workshops
- Analyze and document scope of the business solution using enterprise-standard requirements process and techniques
- Build and maintain a repository of reusable requirements documentation to support future initiatives
- Conduct requirements walkthroughs and facilitate sign-off with stakeholders
- Validate test cases and ensure they provide full coverage of the critical requirements
- Work with business users to determine high level requirements for liquidity risk system
- Work with the development team to shape system design
- Write business rules to process trade and reference data in liquidity risk system
- Assist in optimization of business rules and stress scenarios
- Four or more years of relevant information technology audit experience with ICFR IT audits
- Strong understanding of PCAOB and SEC requirements for compliance with SOX
- The role requires a good working knowledge of credit risk business within a systems environment
- Experience in Requirement Gathering, Use Case Modelling tools
- Bachelor’s degree and 3-5 years experience within IT risk related discipline
- Extensive functional skills within the PB CRM (Credit Risk Management) domain (process, system, methodologies) especially on PB/WM lending and Credit Risk monitoring side
IT Risk Analyst Job Description
- Perform selected IT Risk Assessments on IT projects and controls
- Responsible for providing required data for the management reporting and dashboards as part of the risk & controls horizontal function
- Work with Infrastructure & Applications Teams to track details on open Audit items
- Including a structured statement of the risk, ownership, and progress of work that is being done to ensure the critical and major items are closed out correctly within the agreed timelines
- Develop, recommend, influence and coach Infrastructure/Application teams to make changes to current process, policy and workflow to reduce risk, avoid critical audit findings, and manage technology life cycles
- Educate, advertise, and communicate using all available channels to establish an environment that fosters a risk-conscious and security aware culture at all levels of the Organization
- Implement and execute follow up procedures to go back and check on signed off Audit Items to ensure continued adherence to processes that were put in place as part of the Audit Item sign off
- Work across Infrastructure/Application teams to develop, capture and replicate best practices that utilize activity and resource management to ensure timely closure of all critical and major audit items
- Provide regular updates to the risk & controls team and IT line management on the progress made around ongoing initiatives for risk, audit, controls & legacy technology
- Works closely with the IT infrastructure/application teams in executing the risk, audit & controls strategy
- Experience on PB Core banking and Credit Risk systems (T24)
- Degree level qualification in computing
- FDSF, FRTB, SFTQ related scenario/risk analysis
- New product/services integration including Structured Notes and complex OTC derivatives
- Risk rationalization program
- Front office sourcing
IT Risk Analyst Job Description
- Knowledge of and support of enterprise compliance efforts and assist with enterprise cyber and technology risk assessments
- Performs and leads risk assessments by analyzing existing security posture, identifying gaps and provides recommendations to mitigate risks
- Ensures that existing control practices and procedures are documented
- Designs new computer programs by analyzing business/modelling requirements
- Reviews customer requests for information (RFI) or proposals (RFP) related to the protection of information, IT compliance, and technical support services and provides required data
- Maintains and implements IS Risk Management frameworks, assessment methodologies, and tools
- Provides assistance to IT Audit, Internal Audit, and other departments regarding IS Risk Management issues and controls
- Monitors risk notifications from vendors and assists with appropriate documentation and responses
- Consults with Enterprise Risk Management leaders on strategic and risk related issues and problems as needed
- Provide 1B review and approval on all T&O Issues relating to security exemptions and risk acceptance
- 10 or more years of experience in requirements engineering in PB Credit Risk areas
- Minimum of 5 years experience working in Capital Risk Management within the financial industry
- Minimum of 3 years experience working with Capital Risk Management application projects
- 5+ years experience with HTML/JavaScript/XML/JSP server side Java-based environment
- 5+ years experience with J2EE
- 2+ years experience with SUSE Linux 11 64 bit, WebLogic 10, BEA jRocket orTomcat/JBoss
IT Risk Analyst Job Description
- Provide liaison to IT Risk CoG on standard and policies as directed
- Review and define gap analysis as directed
- Define implementation approach and assist T&O segments as directed
- Consult with ORM managers on IT Risk where additional technical support is required
- Function as a security consultant with the T&O Operational Risk team
- Business analysis / requirements gathering on risk programs
- Delivery of Quarterly Vulnerability Scans
- Assist as needed with Vulnerability Remediation
- Contributes to the audit planning process
- Collaborates on enterprise solutions focused in the areas of network (LAN, WAN, Wireless) and data center technologies
- 3+ year experience with PVCS or Accurev, ANT
- 5+ year experience with a Java-based IDE
- 2nd line / technical level application support experience
- Exposure to FO trading environment with full front to back tradeflow exposure
- Good understanding of financial valuations, including p&l and different risk calculations
- Good static and market data expertise
IT Risk Analyst Job Description
- Identify and document business risks, and coordinate remediation of vulnerabilities and threats using repeatable risk assessment methodologies and processes
- Stay abreast of information security issues and regulatory changes affecting public companies
- Manages IT risk issue database by proactively collaborating with various key leads to generate risk posture dashboards and reports ensuring the accuracy of the data and associated reports
- Coordinates with auditors and IT audit contacts for the preparation and the facilitation of audit procedures for IT general computer controls, SDLC and IT security
- Performs analysis of potential control enhancement and facilitates the implementation of the recommendations
- Understands and analyze IT processes with the aim of to identify, recommend and deliver improvements to strengthen internal controls
- Ensures that enterprise-wide security policies and controls are developed, implemented, and regularly maintained in such a way as to mitigate both organizational and regulatory risk
- Develops summaries, reports and key risk profiles to identify vulnerabilities and trends to proactively inform the IT stakeholders
- Proactive analysis in project assessments to support Emerging Technology implementation in CG like Cloud/Hosted Services, Process Automation and Multi-Modal IT
- Provides other functions deemed necessary and applicable by executive leadership
- Use initiative and creativity in solving issues
- Experience of coordinating and line managing large teams
- Proactively engage with little or no formal direction
- Capacity and passion to learn and willingness to take on challenges
- Ability to assimilate unaccustomed knowledge and concepts
- Ability to manage ambiguity in an evolving environment and solution-minded