IT Risk Analyst Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the IT Risk Analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Brycen Shanahan
789 Schimmel Plain, Boston, MA
Phone: +1 (555) 776 6521

Experience

IT Risk Analyst, Macejkovic and Sons, Houston, TX
  • Identifying opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk
  • Provide cover for the IT Risk Manager
  • Provides risk mitigation recommendations and works with technology and business partners to help mitigate technology risk observations
  • Performs regular reviews, and contributes to development and maintenance of information technology processes, standards, templates, tools and techniques
  • Acts as technical advisor to recommend solutions for project managers, analysts, system development resources, and trainers
  • Report risk performance against established enterprise risk metrics
  • Conduct 3rd party/vendor IT risk reviews to ensure compliance with Regions 3rd party management framework and vendor has adequate IT controls in place
Senior IT Risk Analyst, McClure and Sons, Chicago, IL
  • Develops and provides organizational ERM training and creates awareness through assisting in regular ERM framework updates
  • Assist in the development and implementation of new IT risk initiatives, including policies, processes and awareness programs
  • Support the IT Risk Manager on the implementation of information technology risk management strategy and operating priorities
  • Helps develop, implement, monitor and manage risk mitigation programs for the enterprise
  • Monitor Outsourced Suppliers' performance to identify and correct performance problems
  • Provide oversight of key components of the Company’s third party risk management program
  • Assist Management with producing metrics and executive level status reports
Principal IT Risk Analyst, Altenwerth LLC, Phoenix, AZ (present)
  • Contributes to managing the strategic development and improvement of risk frameworks, methodologies and limits. Contributes to strategy of CTS risk reporting
  • Leads high-impact and complex projects that involve working with the businesses to improve controls that would mitigate any deficiencies
  • Develops and improves risk systems, methodologies and limits
  • Leads major risk evaluations and delivers results and recommendations to business areas and Technology management
  • Provides high value input into risk reports on highly complex issues
  • Presents reports to the business areas and CTS management
  • Technology Compliance Steering Committee (TCSC): Represent Digital Workplace on both the US and International TCSC forums

Education

Bachelor’s Degree in Computer Science, University of Tennessee

Skills

  • Knowledge and experience with vulnerability scanning solutions such as Qualys, Rapid7, Nexpose, and Tenable Nessus
  • Provides understanding of business analysis concepts and principles and a basic knowledge of concepts and principles in other technology areas
  • Excellent analytical ability, and planning/organization skills
  • Good planning, coordination and implementation skills, and the ability to work across towers and functions to deliver and execute
  • Excellent leadership skills, organizational skills, and the ability to work independently are essential
  • Ability to learn quickly, manage through systems and common processes
  • Excellent written and verbal communications, effective interpersonal skills, strong formal presentation abilities
  • Ability to prepare and deliver professional training media
  • Ability to develop strong working relationships, and manage by influence
  • Strong knowledge of Microsoft Office with Excel, Outlook, and PowerPoint skills

15 IT Risk Analyst resume templates

1

IT Risk Analyst Resume Examples & Samples

  • Supporting timely identification of items requiring review
  • Agreeing scope of each review with CS RMs and Key Stakeholders
  • Identifying and evaluating the risks and potential impacts posed by those services, technologies or infrastructures
  • Ensuring those technologies support compliance with Corporate Policies & Standards, Regulatory direction and best business and technology practices
  • Identifying opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk
  • Summarising material risk gaps and remediation strategies into structured, easy to understand management reports that can then be used by the RMs to drive compliance to best risk management practices throughout the organization
  • Providing timely feedback and guidance (both formal and informal) to the CS RMs and Stakeholders on concerns identified
  • Supporting team success by collaborating on selected reviews and sharing technical, risk and controls knowledge across the team and broader community
  • 3-5 years of deep technical work experience in one or more areas of infrastructure (e.g. UNIX, Windows, mainframe), databases (e.g. DB2, Oracle, SQL Server), mobile and networks is required plus a basic to good awareness of the other technologies
  • 3-5 years related business experience, including Risk Management and/or Technology Audit functions
  • Comfortable debating issues with senior decision makers and providing appropriate challenge where necessary
  • Strong understanding of IT control policies and the associated implementation issues
  • Strong written and verbal presentation skills to a wide variety of senior managers across the organization
  • CISSP, CISM/CISA, or CRISC certifications a plus
2

IT Risk Analyst Resume Examples & Samples

  • Identify gaps and areas of opportunity within the environment
  • Develop and implement solutions to close the gaps and mitigate risks
  • Lead and provide guidance for voice security and security related projects
  • Perform periodic reviews of the voice infrastructure to ensure ongoing compliance to corporate policies and procedures
  • Ensure all documentation is current and accessible by the Unified Communications team
  • Work closely with key Voice Vendors
  • Proactive development of Operational processes and procedures
  • Engineering escalation and follow-up
  • Knowledge / experience in multiple voice platforms (e.g., trading floor, Cisco, Avaya, VoIP, voice recording)
  • Worked in Financial Services or regulated industry
  • Excellent analytic and problem solving skills, positive self-starter with proactive approach
  • Ability to solve risk / security issues with both tactical and long-term solutions
  • Good planning, coordination and implementation skills, and the ability to work across towers and functions to deliver and execute
  • Comfortable working both individually on set objectives and collaboratively with GTI and LOB staff on a broader set of objectives
  • Ability to develop strong working relationships, and manage by influence
3

IT Risk Analyst Senior Resume Examples & Samples

  • Evaluate the application of proper IT risk controls and standards within the voice infrastructure
  • Oversight and governance of the Risk and Control Self Assessment (RCSA) process
  • Participate in audits of the voice infrastructure
  • Provide support and consultancy to the Unified Communications team
  • Training/knowledge transfer as required
  • Technical advice and recommendations of best practice for voice systems/platforms globally in relation to risk and security
  • Provide weekly and monthly metrics on team performance and workload
  • Information Security
  • Understanding of telephony
  • Information Security or Risk Management certification
  • Excellent time management and personal task prioritization
  • Ability to work well in a high-pressure and dynamic environment
4

Senior IT Risk Analyst Resume Examples & Samples

  • Support the IT Risk Manager on the implementation of information technology risk management strategy and operating priorities
  • Support the integration of the IT Risk Management practices into key Information Technology and business areas
  • Build effective relationships with key individuals who own and support processes you are responsible for evaluating, including the appropriate line-of-business risk managers
  • Perform ongoing planning and prioritization of key projects and activities to ensure that resources are applied to the most critical areas. Communicate with the IT Risk Manager, as needed, to ensure proper prioritization and management of workload
  • Participate on projects and ensure that key IT risks are being adequately addressed. Coordinate with project managers to ensure that issues are identified, action plans are in place and that PLC requirements are being met
  • Perform risk assessments on key IT processes or assets, identify vulnerabilities and propose solutions to mitigate risk. Perform due diligence and risk assessments on IT service providers
  • Work with IT areas in developing an effective self-assessment process for proactively identifying risks associated with processes, applications and technical infrastructure components
  • Support compliance with applicable regulations, which include, but are not limited to, the following: the FDIC Improvement Act, the Sarbanes-Oxley Act of 2002 and the Gramm-Leach-Bliley Act of 1999
  • Support the resolution of Internal Audit, regulatory, or Risk Management related issues that could impact the confidentiality, availability or integrity of data or processes
  • Create effective risk assessment documentation supporting work performed, including formal communication on risk assessment results. Be able to deliver effective presentations to management on summary of work performed and findings
5

IT Risk Analyst Resume Examples & Samples

  • Using established methodologies, conduct technical reviews of infrastructure projects e.g. risk assessments of workstation and server platforms, database, network and virtualisation technologies
  • Assist other teams in the IT Risk organisation with technical reviews of business application systems and provide guidance as a subject matter expert for infrastructure components
  • Provide IT risk engagement on a variety of projects and provide consultancy and advice on security best practices to clients within the project team and the business
  • Establish and maintain close working relationships with clients across the IT organisation and work closely with those clients to evaluate the security implications of any proposed changes to the bank’s infrastructure. Assess each change to identify areas where proposals do not meet internal bank or regulatory policies, standards and guidelines
  • Produce formal reports (e.g. risk assessment documentation) on each solution and take responsibility for ensuring that risks are tracked to remediation or acceptance by the business and IT owners
  • Assist in finding pragmatic, cost effective solutions to identified security and risk issues
  • Work closely to align security advice with other divisions within the bank, such as Security Architecture
6

IT Risk Analyst Resume Examples & Samples

  • Perform and lead assessments across all BU and Corporate IT operations and services performing security audits, IT process design/operational reviews and risk assessments across Adobe and 3rd party service providers
  • Develop audit programs, analyze complex processes, assess risks, evaluate for efficiencies and identify opportunities for improvement
  • Identify internal controls issues, ensure they are well-defined and root causes are analyzed
  • Summarize and document results of testing for management reporting including proper disposition of test exceptions
7

IT Risk Analyst Resume Examples & Samples

  • Degree in a scientific, computing, mathematical or engineering discipline or equivalent experience
  • Professional certifications in key technologies (e.g. CISSP/CCNA/CCSE/CEH/CHFI/PDP/CIPP etc)
  • Extensive IT Risk security experience, ideally within an IT Environment in a large financial services organization and/or in consulting. Understanding of the impact of technology on banking systems, ideally with some Product knowledge, Fixed Income, Equities etc
  • Understanding and knowledge of risks and controls in relation to Data Management risks, including understanding of the related regulatory environment
  • Excellent knowledge of Risk Assessment ‘methodologies’ and outstanding communication skills/ experience with facing demanding clients
  • Proven track record in delivery of quality IT Risk services to IT and business with aggressive deadlines
  • Solid relationship management and client focus skills
  • Excellent written, interpersonal and presentation skills
  • Ability to work autonomously within projects
8

Senior IT Risk Analyst Resume Examples & Samples

  • Initially, you’ll need to understand the business, know our revenue model, know our business and underlying systems and applications and get that figured out quickly. You’ll also get exposure to different people and teams and start building your relationships and trust with them
  • Shortly after, you’ll need to execute and review test work for IT general controls (covering areas such as logical access, change management, etc) for in-scope applications and systems
  • Throughout the year we will execute several specialized projects that cover the major risk themes identified by Management, so be prepared to bring your wealth of experience and knowledge to tackle unique challenges and provide high-value to the company
9

Senior IT Risk Analyst Resume Examples & Samples

  • One to two years’ experience in IT Governance, Risk, and Compliance methodologies and tools within the financial services sector
  • In depth experience in third party/vendor due diligence around cybersecurity risk
  • Strong understanding of NIST Cybersecurity Framework, GLBA, FFIEC Cybersecurity Assessment Tool (CAT), FFIEC Multi-factor Authentication (MFA), SOX, and PCI requirements
  • Experience with the Archer or another Governance, Risk and Compliance (GRC) tool
  • Experience with cybersecurity controls framework (NIST 800-53, ISO-27001)
  • One year experience in writing IT policies, standards, and guidelines
  • Experience in two of the three areas: IT Audit, IT Risk, and Information Security
  • Experience working with Bank Supervisory Agencies (FDIC, NCCOB, OCC and/or FRB)
  • Previous banking or financial services experience
10

IT Risk Analyst, Specialist Resume Examples & Samples

  • Ongoing development and Implementation of all aspects of the Company’s security framework
  • Embedding and operation of information security controls and strategies
  • Ensuring ongoing compliance with and suitability of information security policies and standards
  • Coordinate 3rd party certifications
  • Drive and embed the risk framework, including risk mitigation and control improvement
  • Coordinate perimeter and application security testing and remediation of issues that arise from testing
  • Coordinate data ownership and protection
  • Contribute responses to RFI, RFP and due diligence questionnaires and visits
  • Incident management response coordination
  • Evaluating security implications of specialised business/IT requirements
  • Risk/Gap analysis
  • Preparation and completion of security related projects and programmes
  • Involvement in business and IT projects to ensure appropriate controls from the start
  • Act as a point of expert reference on all Information risk related issues
  • Provides value input into risk reports. Presents reports to the business areas and CTS management
  • Leads projects that involve working with the businesses to improve controls that would mitigate any deficiencies. Ensures controls meet regulatory and organization standards
  • Ensures that existing control practices and procedures are documented. Reviews documentation for evidence of successful and efficient performance
  • Remains aware of CTS and market trends to determine potential risks to the organization. Recommends any resulting change needed to mitigate risk
  • Contributes to the achievement of related teams' objectives
11

IT Risk Analyst Resume Examples & Samples

  • Be responsible for establishing strong working relationships with Application Development, Information Security, Continuity of Business, as well as other Business/Operations/Infrastructure Risk Management teams
  • Coordinate or manage technology components of Internal and External audits. Assist development teams in responding to audit requests, perform review of deliverables for completeness and accuracy as needed
  • Ability to analyze large amounts of data, decipher items relevant to the development unit covered, and determine corresponding risk
12

Principal IT Risk Analyst Resume Examples & Samples

  • Identifies, analyzes, monitors and minimizes the most complex areas of risk that pertain to information technology
  • Leads coordination with disaster recovery and data security teams
  • Provides high value input into risk reports on highly complex issues
  • Presents reports to the business areas and CTS management
  • Leads high-impact and complex projects that involve working with the businesses to improve controls that would mitigate any deficiencies
  • Ensures controls meet regulatory and organization standards
  • Develops and improves risk systems, methodologies and limits
  • Uses expertise of CTS and market trends to determine potential risks to the organization
  • Recommends and leads any resulting change needed to mitigate risk
  • Contributes to the achievement of area objectives
13

IT Risk Analyst Resume Examples & Samples

  • Minimum 3 years of experience in IT risk assessment and analysis
  • Minimum 3 years of experience with IT GRC or equivalent risk or security management system
  • Minimum 2 years working for a bank or financial institution or similar large institution
14

IT Risk Analyst Resume Examples & Samples

  • 4+ years functional business experience with demonstrated business analysis experience and knowledge of credit, risk analytics and IT
  • Robust knowledge of risk data architectures
  • Experience in the banking industry specifically with risk models and/or AIRB implementations an asset
  • Experience in SQL, Java, SAS, Software Design and Documentation, Software Development, Software Requirements, Software Maintenance, Data Models and Data Maintenance
  • Works on complex assignments requiring continuous periods of concentration, with periodic interruption, may be required to work outside normal business hours to meet project deadlines or support implementations
  • Good knowledge of data quality and data governance concepts and controls
  • Strong analytical skills; proven team player
  • Designs new computer programs by analyzing business/modelling requirements; constructing workflow charts and diagrams; studying system capabilities; writing specifications
  • Designs and develops new user interfaces for the data capture step as part of the deployment of the Risk models architecture
  • Maintains system protocols by writing and updating procedures
  • Maintains and develops the data bridges between the Enterprise data warehouse and the Risk Analytics data
  • Prepares technical reports by collecting, analyzing, and summarizing information and trends
  • Conduct User Acceptance Testing to verify performance, reliability, and any issues
  • Assess and analyze statistics and data developed by the Risk team and interpret into usable and actionable information
  • Assess and analyze the various business models developed by the Risk Analytics team and their integration with the business, processes, and systems
  • Have a thorough knowledge and understanding of CWB’s systems
  • Act as a liaison between the Risk Analytics team, and the IT team
  • Research and development of future product and software enhancements and initiatives
15

IT Risk Analyst Resume Examples & Samples

  • Manage the multi-location SOC1 and SOC2 audits including planning and communication with external auditors and coordination of evidence collection with internal process owners
  • Conduct risk assessment and analysis of the enterprise IT controls portfolio in order to plan and coordinate compliance activities across multiple product delivery organizations
  • Construct and deliver written and verbal communications to all levels of the organization with clarity, to technical and non-technical people, in order to communicate status, open risks, and drive resolution and remediation of IT risks in a timely manner
  • Maintain IT risk register including meeting with risk owners, adding, updating and closing risks as needed
  • Influence people and teams to address risks through effective communications, very positive personal presence, and a proven understanding of the business and technical factors
  • Investigate risk and compliance issues and help develop corrective actions and preventive measures
  • Manage IT policies and standards including annual refresh of all documentation, creation of IT policies, and management of IT policy exceptions
  • 5-7 years of experience with IT compliance and risk programs, or security processes within information technology
  • Bachelor's degree in Information Systems or Technology or equivalent work based experience
  • Experience with SOC Audits
  • Prior or current information security certifications such as CISSP, CISM, CISA, CRISC, CGEIT or equivalent
  • Demonstrable experience with IT disciplines and operational processes
  • Experience working with Archer or another risk management tool is a bonus
  • Understanding of the SOX IT Controls, ISO27001, and exposure to Security or IT audit activities
  • Market understanding of Equifax businesses and products preferred
  • Demonstrable experience in the planning and delivery of IT projects that encompass multiple teams
16

IT Risk Analyst Resume Examples & Samples

  • Through analysis, identify IT risks and activities that need to be addressed and IT controls that need to be implemented prior to go live/legal day one
  • Evaluate existing IT policies, objectives and requirements to accurately identify and document required activities to be completed
  • Responsible for providing advisory support in the development of action and remediation plans to manage associated risk
  • Act as an internal subject matter expert and develop organization capability around risk identification, remediation and/or mitigation
  • Document and report status of agreed upon activities, remediation plans, owners and commitment dates
  • Track and update/close identified activities, gaps and potential risks
  • Assist in ensuring accurate data capture of activities and IT risks in support of risk reporting for all levels of management
  • Maintain strong and effective working relationships with all areas of IT, Risk Management, and extended Compliance Teams
  • BA or BS in information technology, or related field, or equivalent certifications or equivalent work experience
  • 3+ years relevant industry experience in IT Control and/or IT Compliance
  • High degree of personal initiative and sense of urgency
  • Strong communication, facilitation and consensus-building skills
  • Demonstrated relationship-building skills, with a superior ability to make things happen through the use of positive influence
  • Ability to work in a fast-paced, deadline-oriented, and dynamic environment
  • Advanced PC skills including word processing, spreadsheet and database applications
  • ISACA certification: CRISC and/or CISA
  • Project management experience (at least 2 years)
  • Information Technology experience (at least 2 years)
17

Senior IT Risk Analyst Resume Examples & Samples

  • Certification such as CISA, CIA, CISM, CISSP or CRISC preferred
  • Minimum 5-8 years of experience in one or more of the following areas: IT audit, IT risk, or other experience involving design and/or operational control effectiveness validation and testing
  • Must have experience in preparing reports and providing recommendations
  • Knowledge of one or more of the following: COBIT, NIST, SOX, SSAE16, GLBA, PCI, IT Risk Management, Information Security, IT Controls, and/or IT Audit practices
  • Good organizational and time management skills, must be highly detail oriented
  • See above skills
18

IT Risk Analyst Resume Examples & Samples

  • Collaborates with stakeholders from business units and support functions to develop risk assessment plans for different business units
  • Develops and participates in 3rd party risk assessment program
  • Facilitates meetings with business unit leaders as part of the risk assessment discussions, captures discussion notes and generates meeting summary
  • Performs risk assessments across different business units and support functions
  • Analyzes risk management practices, performs gap analysis and develops findings and assessment reports
  • Develops metrics and reports for senior management
  • Maintains risk register, tracks remediation activities and analyses residual risks
  • Monitors and tracks exception requests and approvals
  • Maintains and periodically updates risk management policies, standards and procedures
  • Bachelor’s Degree (Business Administration, Risk Management, Information Security, Management Information Systems (MIS), Computer Science or related IT field) or high school degree and 6 years of work experience in any business-related field
  • Experience of working in risk management programs in a global environment
  • Experience in performing risk assessments and creating remediation plans
  • Project management experience including full lifecycle implementation
  • Ability to analyze a wide variety of data and make appropriate decisions
  • Ability to set priorities, develop workflow processes and manage staff
  • Critical thinking and strategic planning skills
  • Excellent written and verbal communications, effective interpersonal skills, strong formal presentation abilities
  • Ability to write and speak in the English language
  • In-depth pharmaceutical industry and drug development experience
  • Experience with governance, risk, and compliance (GRC) tools (e.g., Archer, Open Pages)
19

IT Risk Analyst, Senior Specialist Resume Examples & Samples

  • IT audit/controls experience
  • Project/program management for enterprise-level technology risk initiatives
  • InfoSec experience helpful
  • IT technical/development/operational experience helpful
  • Understanding of IT service management principles helpful
  • ISACA certs are very nice to have
20

IT Risk Analyst Resume Examples & Samples

  • Develop and implement risk ownership, standards, policies, and guidelines for the enterprise
  • Monitor and ensure compliance with industry and government rules and regulations
  • Lead activities to ensure security compliance that meets all contractual requirements
  • Report risk performance against established enterprise risk metrics
  • Serve as an internal subject matter expert, interfacing with internal and external audit teams on all regulatory compliance audits, related processes and testing efforts
  • Monitor and ensure compliance with applicable industry and government rules and regulations
  • Conduct technical research as needed to aid with threat assessment or risk mitigation activities
  • Perform additional risk management activities as needed
  • General business acumen and process knowledge
  • Strong communication skills (written, verbal and presentation)
  • Experience with change in a dynamic business environment
  • Ability to train risk concepts to non-technical people
  • CRISC, CISA or CBCP preferred
  • Experience in SharePoint and reporting services (preferred)
  • In-depth knowledge of IT Security Management risk practices
  • Broad knowledge in analyzing and applying information security, risk management, and privacy practices or policies
  • Experience in strategy definition or program management (preferred)
  • Experience as a consultant (preferred)
  • Experience in threat, vulnerability, business continuity, and risk assessment
  • Knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, EU DPD, HIPAA and PCI DSS
  • Minimum of 10 years' experience in IT roles to include collaboration with senior leadership
  • Minimum of 5 years' experience in an IT-Business liaison role (preferred)
21

IT Risk Analyst Resume Examples & Samples

  • Conduct 3rd party/vendor IT risk reviews to ensure compliance with Regions 3rd party management framework and vendor has adequate IT controls in place
  • Conduct targeted internal risk and control assessments on current and/or emerging IT risks
  • Conduct pre-implementation reviews to ensure appropriate IT controls in place for key projects/initiatives
  • Provide IT risk advisory/consultative business partnering on key projects, initiatives, and/or emerging risk items to address complex IT risk and compliance considerations
  • Develop reports to effectively communicate risks, findings, and recommendations for improvement and discuss results with key stakeholders
  • Work with key stakeholders to ensure identified risks have proper response and/or are adequately mitigated
  • Track mitigation and resolution of IT risk issues
  • Attendance and active participation in a number of IT related Project Steering Committees and working groups
  • Background and/or experience in IT Audit, IT Security, and/or IT compliance
  • Depth of knowledge in Information Technology risk management
  • Solid understanding of Information Technology, System Development, Information Security including the key existing and emerging risks
  • Experience or knowledge of 3rd party/vendor management lifecycle
  • Experience in a Financial Institution and/or Public Accounting
  • Excellent oral and written communication skills and the ability to work effectively with employees at all levels of the organization (up to and including Senior Management)
  • Receptive to guidance from manager and ability to effectively communicate results to manager
  • Excellent leadership skills, organizational skills, and the ability to work independently are essential
  • Proficiency with Microsoft Excel, Word, and PowerPoint is required
22

External IT Risk Analyst Resume Examples & Samples

  • Minimum 2-5 years of experience in one or more of the following areas: IT risk assessments, IT vendor management and/or information security governance
  • Must have experience in preparing vendor audit reports and providing recommendations
  • Excellent communication and negotiation skills and experience working with multiple internal and external groups
  • Ability to learn quickly, manage through systems and common processes
  • Knowledge of applicable regulations and audit standards such as: ISO, SOX, SSAE16, GLBA
  • Experience in evaluating risk/compliance requirements
23

IT Risk Analyst Resume Examples & Samples

  • Assists the Information Security staff in identifying, developing, implementing and maintaining vulnerability management processes across the organization to reduce risks, and limit exposure to liability in order to reduce financial loss to the organization
  • Responsible for vulnerability scanning architecture, system security designs, implementation and management of information security systems and/or programs for the protection of the environment
  • Executes security controls to prevent hackers from infiltrating company information or jeopardizing programs
  • Researches attempted efforts to compromise security protocol and recommends solutions
  • Maintains vulnerability management systems
  • Maintains company firewall and utilizes applicable encryption methods
  • Creates information security documentation related to work area and completes requests in accordance with company requirements
  • Responds to information security-related questions and inquiries using established information security tools and procedures
  • Resolves and/or performs follow through to resolve all information security issues and questions
  • Implements and administers information security controls using software and vendor security systems
  • Identifies opportunities and executes plans to improve workflow and understands, quantifies business impacts of those improvements for communication to management
  • Interfaces with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security
  • Provides status reports on security matters to develop security risk analysis scenarios and response procedures
  • Knowledge of network technologies (protocols, design concepts, access control)
  • Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)
  • Knowledge of network design and engineering
  • Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
  • Basic to intermediate decision-making and problem solving skills
  • Basic to intermediate verbal and written communication skills to technical and non-technical audiences of various levels in the organization
  • Experience establishing and maintaining effective working relationships with employees and/or clients
  • Knowledge and experience with vulnerability scanning solutions such as Qualys, Rapid7, Nexpose, and Tenable Nessus
  • Knowledge and experience with programming languages such as Python, Ruby, Perl, etc
24

Senior IT Risk Analyst Resume Examples & Samples

  • Helps develop, implement, monitor and manage risk mitigation programs for the enterprise
  • Generates risk dashboard for the enterprise and business units, analyzes risk information and ensures dashboards are updated
  • Monitors and reports on the response strategies for the enterprise’s top risks and any emerging risks
  • Customizes risk reporting and develops dashboards to monitor risk trends and selects appropriate metrics to monitor the effectiveness of risk mitigation initiatives and the impact to the enterprise
  • Supports the development and on-going production of enterprise risk management reporting and presentations for meetings with senior leadership and relevant risk committees
  • Consults with Enterprise Risk Management leaders on strategic and risk related issues and problems as needed; however, a strong degree of independence and ability to problem-solve complex issues with limited supervision is a must
  • Achieves a deep understanding of the Bank’s strategy and aligns risk assessments with business units and functional objectives to promote thinking about risk from both an operating and strategic perspective
  • Performs both enterprise wide and targeted risk assessments from the design phase, identification and assessment of enterprise risks, through communicating/presenting results and analysis to Executive Management
  • Leads cross-functional risk reviews related to new products or systems in order to identify any project risks early in the process to minimize surprises, increase project efficiency and ensure strong controls are in place
  • Develops and provides organizational ERM training and creates awareness through assisting in regular ERM framework updates
  • Produces ad-hoc risk reports to management and other related committees as needed
  • Provide oversight of key components of the Company’s third party risk management program
  • May review the work output of Enterprise Risk Analyst I’s
  • Oversee regulatory (IT-related) change management initiatives
  • Coordinates and completes special projects as assigned including projects intended to mature the ERM function
  • Bachelor’s Degree (BA/BS) or equivalent, required
  • Minimum of 5 years of IT Risk Management or IT Audit experience preferably in the financial industry
  • CISA, CISSP, CISM, GIAC, or other industry related designations highly desirable
  • Strong working knowledge of basic IT control areas including systems development & acquisition, project management, change management, problem management, capacity planning, information security programs, network security, business continuity & disaster recovery, vendor management, and application input/processing/output
  • Ability to analyze complex information to provide insights and make strategic business recommendations designed to mitigate risk or recognize opportunities
  • Demonstrate ability to independently manage multiple work efforts which may involve directing a multitude of business units/key stakeholders
  • Expert knowledge in IT risk, controls, control testing, risk mitigation strategies, key performance indicators and key risk indicators
  • Familiarity with mainframe and midrange platforms, operating systems, database management systems, networking, and web applications
  • Knowledge and hands-on experience with data analysis using ACL preferred
  • Familiarity with audit governance models such as COSO, COBIT, ITIL, ISO 17799 or PMBOK
  • Knowledge of basic IT control areas including systems development & acquisition, project management, change management, problem management, capacity planning, information security programs, network security, business continuity & disaster recovery, vendor management, and application input/processing/output
  • Experience and hands-on experience with data analysis using ACL preferred
25

IT Risk Analyst Resume Examples & Samples

  • Experience working with Excel or Access. They will be pulling data from the backend for the Identity & Access Management team and will work with VLOOKUP, macros, pivot tables, etc
  • Soft skills are most important to the manager for this role: candidates need to have an eagerness to learn and need to be very driven, high-potential individuals with excellent communication skills
  • Passionate and interested in getting into an IT Risk role; view this role as an entry point to IT Risk. Could come from any type of technical background, but must be sharp and interested in gaining more experience within Excel specific to Identity & Access Management risk
  • Experience within IT Risk, Identity & Access Management or Information Security
  • Experience using MS PowerPoint, MS Access, MS Excel, and possess great documentation skills
  • Must have attention to detail regarding gathering evidence and validating data specific to the Identity & Access Management group within the Risk organization. Must be able to work under time constraints with high quality of work and output
26

Senior IT Risk Analyst Resume Examples & Samples

  • Presenting to senior level management on project updates on a weekly/monthly basis
  • Responsible for the coordination, tracking and remediation of open action items as they arise from regulatory requirements
  • Work closely with action item owners and internal audit to elicit and agree requirements, remediation steps and see progress to successful closure
  • Build strong working relationships with both IT and business partners, establishing working groups and workshops with key IT stakeholders and vendors as required
  • Conducts and is accountable for weekly tracking, coordination and reporting; ensuring proper escalation of issues to senior management
  • Utilize SOX and IT Risk experience to support audits and regulatory projects
  • 3+ years of experience in the IT industry, preferably in a financial services or consulting organization, focus on SOX and/or IT Risk
  • Strong Sarbanes-Oxley and COBIT Framework familiarity
  • Must have some experience presenting to management teams and providing status updates
  • Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background
  • Must have experience working with multiple teams and stakeholders to coordinate SOX related activities in a timely manner
  • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model
  • Organizationally agile (i.e., the ability to work well with various levels and functions within the Company)
  • Effective time management, problem solving and decision making skills
27

Senior IT Risk Analyst Resume Examples & Samples

  • An earned Bachelor's degree, in any field, is required for this opening
  • Ability to communicate complex issues and themes to stakeholders while serving as an independent advisor in identifying business issues, root causes and recommending both short term and long term action plans that address them
  • The selected candidate will work in partnership with IT Risk, Audit, and Compliance Assessment teams and provide substantive guidance/advice to business partners during all phases of internal and external exams regarding deliverables and potential issues
  • Because this exciting opportunity allows both hands-on technical and functional contributions to be made in defining and coordinating action plans for IT audit, IT compliance, and Data Protection, experience in these areas is helpful for success, but client will train the right candidate in these domains
  • 3-6+ years professional experience with background in controls, audit, quality assurance, IT risk management, and/or compliance required; or equivalent subject matter expertise in a relevant business related function/operations
28

IT Risk Analyst Resume Examples & Samples

  • Own and provide dedicated support for consistent and accurate completion of all IT and Operational Risk Assessment processes required for all Legal vendors as part of Third Party Oversight; maintaining information in the appropriate technology applications (Phoenix) and managing workflow through interaction with vendor
  • Develop working relationships with contacts at the vendors and risk assessment teams to foster a partnership in completing activities
  • Experience with IT Risk and other risk management issues, assessments and resolutions
  • Ability to improve processes using technology solutions (SharePoint, Excel, etc)
  • Experience managing vendors or clients
  • Strong data analysis, reporting and advanced Excel and PowerPoint skills
  • Ability to focus and pay attention to detail
  • Strong interpersonal skills with the ability to build relationships and networks across all levels of management
  • Adaptable, versatile and flexible
  • Excellent time management skills with ability to prioritize workload, while maintaining a high attention to detail
  • Commitment to delivering high quality work
  • Excellent communication skills, including oral, written and presentation
29

IT Risk Analyst Resume Examples & Samples

  • Develop provisioning design and requirements based on general guidelines (medium scale)
  • Perform QA testing for access provisioning and certification, aligned with corporate QA standards
  • Develop and maintain technical documentation in support of access management processes, aligned with corporate documentation standards
  • Provide Level 1 support for end users related to access provisioning and access certification
  • Review security-related events, assessing severity, criticality and priority
  • Analyze additional logs, forensic investigation procedures and protocols
  • Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
  • Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
  • Manage internal vulnerability scans and work with Development and Operations colleagues to remediate findings
  • Manage third-party penetration testing engagements
  • Provide evidence of control compliance to auditors
  • Assist with RFIs/RFPs and security due diligence
  • Post-secondary diploma, certificate or degree in an IT-related discipline
  • A current operational security credential (e.g. CISSP, GISP, etc.)
  • 5-7 years security operations experience, preferably in financial services/government sector, etc
  • Understanding of security tools like Burp Suite, nmap, web application scanners, etc
  • Familiarity with CentOS/RHEL, Apache, Oracle, Java, Managed File Transfer Servers, etc
  • Knowledge of Reverse Proxies, Firewalls/IPS, HTTPS/Ciphers, SSL Certificates
  • Knowledge of Identity Management / Single Sign On, SAML
30

IT Risk Analyst Resume Examples & Samples

  • Business analysis / requirements gathering on risk programs; build a business case for risk investments
  • Create and manage strategic roadmaps; monitor industry for change in trends, instantiate roadmaps within the organization
  • Develop processes and procedures for the IT Risk Program, including documentation, assessment finding mediation, assisting with remediation plan development, progress monitoring, and reporting across various activities
  • Provide technology risk and information security support to various IT Risk activities, including: legal/regulatory/client inquiries
  • Gather and analyze information or data on current and future trends of leading practices to inform IT Risk Program development and thinking
  • Minimum 2-4 years of experience in IT industry, preferably in a financial services or consulting organization
  • BS or BA degree, preferably in technology/business or equivalent
  • Professional technology risk certifications strongly preferred (CISSP, CTPRP, CISA, CRISC, CISM)
31

Lead IT Risk Analyst Resume Examples & Samples

  • Bachelor's degree in relevant fields
  • 5+ years experience designing and implementing risk identifications and assessments
  • Advanced data analytics experience
  • Risk Management certification (CRISC, CGEIT, etc.) or degree
  • Experience in business risk assessments
  • Experience designing and implementing an IT risk identification and risk assessment
  • Expertise quantifying risk
  • A sound understanding of risk technologies and database structures
  • Demonstrated project/program management skills
  • Ability to understand, troubleshoot and describe complex policies and processes
  • Demonstrated skill and passion for problem solving and operational excellence
32

Principal IT Risk Analyst Resume Examples & Samples

  • ARCHER Exceptions: Drive reduction in Archer exceptions/issues to corporate policy
  • Audit and Risk Reporting: Lead Digital Workplace’s involvement in external audits (e.g., ISO 27001) as well as RCSA, HLA, federal exam/regulatory reviews, and other internal/external continuous audits
  • Corporate EAM Reviews: Work with Information Risk Management (IRM) and other key stakeholders to develop new policies and corporate guidelines to align to the evolving Digital Workplace technology landscape
  • Technology Compliance Steering Committee (TCSC): Represent Digital Workplace on both the US and International TCSC forums
  • Business Acumen
  • Subject matter expertise in audit/compliance/risk management
33

Lead IT Risk Analyst Resume Examples & Samples

  • Plan and perform IT risk assessments in the Security Services, Application Services, Technology Services, Quality Assurance and Enterprise Architecture departments
  • Identify and assess business and technological risks and provide advice to management regarding the mitigation of these risks
  • Identify issues in Policies, Procedures and Controls and write remediation plans
  • Develop and maintain strong advisory relationships with other departments such as I.T., Internal Audit, Legal, Compliance, Business Continuity and other external audit organizations
  • Support a strategic risk management culture and provide assistance to the business and technology groups
  • Requires 5-7 years in Information Technology risk management
  • Requires in-depth skills in and understanding of standards and frameworks such as ISO 27001, ISO 9001, NIST, COBIT, FFIEC, ITIL and technology best practices
  • Understanding of standards, laws and regulations from entities such as SEC, CFTC, CYBER SFC
  • Experience with internal controls, risk assessment strategies, audit techniques, and project management
  • Understanding of the risks associated with current and emerging technologies and the standards and controls being developed to mitigate those risks
  • Proven analytical, problem solving and troubleshooting skills
  • Diligent, strong initiative, a positive attitude, strong work ethic and a desire to accomplish goals
  • Strong team player who works well with leaders and peers alike with a desire to contribute positive change
  • Able to work independently, managing and prioritizing his/her assignments
  • General knowledge of technologies that support regulatory requirements, settlement and clearing
  • Experience with Governance and Risk & Compliance Software such as Archer or other eGRC tools
  • Understanding of various technologies and ability to discuss risks and compliance within the technology departments such as: operating systems, networking, security operations, internet services, databases, messaging, PC services
  • Proficient in the MS Office products, Adobe Acrobat, SharePoint
  • Experience with document management tools (e.g., DMS, PolicyTech) is a plus
  • Bachelor’s Degree in Computer Science, Accounting or Finance
  • 5-7 years’ experience in Information Technology audit
34

IT Risk Analyst Resume Examples & Samples

  • Works with the IT process and control owners throughout the organization to ensure that the process documentation, control activities and flowcharts are updated and reflect the key controls activities
  • Contributes to the audit planning process; assists in the development of audit objectives and detailed test procedures that effectively address key controls and risks
  • Coordinates the internal control reviews and related testing of the company's IT General and Application Controls
  • Develops work papers that address the objectives of the audit program and support the conclusions reached during testing
  • Assists in teaching the process and control owners of the company's internal control program to ensure that there is an understanding of control concepts and financial statement risk
  • Ensures findings identified are timely communicated to management and assists with remediation plan documentation
  • Assists with external audit requests, preparation of presentation decks to Management and ad hoc projects
  • Lead coordination and guidance effort for continuous improvement recording, reporting and process
  • Support to the Information Security efforts
  • Support Project Management activities
  • Associate degree in information systems, business or regulatory compliance or 3 years’ work experience in compliance/regulatory environment
  • >1 year experience in compliance related role including demonstrated knowledge of SOX, PCI, risk analysis
  • Demonstrated strong business and technical writing experience
  • Proficiency with Microsoft Office Suite
  • Demonstrated strong analytical, problem solving, and organizational skills
  • Demonstrated successful interpersonal and communication skills with the ability to interact with all levels of the organization building positive partnerships
  • Ability to function at a high level of effectiveness, flexibility, independence and initiative without daily interaction with management
  • Ability to excel in a fast paced environment managing multiple project work teams simultaneously, applying principles of project management
  • ITIL/IT Service Management and Change Management processes
  • Compliance Audit Experience
35

IT Risk Analyst Resume Examples & Samples

  • Risk identification, measurement and aggregation and the understanding and management of risk through appropriate practices and processes
  • Develops or implements risk-assessment models or methodologies
  • Assesses and mitigates enterprise and business exposures through the identification of key and emerging risks and evaluates alignment with established risk strategy
  • Monitors the risk and recommends ways to control the environment to ensure that exposures are kept at acceptable levels and may consult on risk mitigation plans
  • Minimum of 10 years of IT Security experience with at least 5 years of experience in IT Risk Management
  • Bachelor Degree in Information Security, IT Risk Management, or equivalent experience
  • One or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), GIAC Critical Controls Certification (GCCC), or GIAC Security Essentials (GSEC)
  • Familiarity and experience with Frameworks such as NIST, CIS, COBIT, COSO, etc
  • Desire and ability to learn new / up-and-coming technologies
  • Strong written and verbal communication skills are required to effectively interact with internal and external partners on all levels to resolve issues and provide solutions in a timely manner
  • Prior exposure to, and preferably experience with, SOX IT Audit, PCI and Privacy regulations
  • Experience analyzing business processes and putting together process flow, and recommending process changes and efficiencies
  • Effectively handle multiple assignments and prioritize accordingly
  • Experience with GRC tools and policy / procedure development
  • Self-starter and motivator; ability to work with minimum supervision
  • Comfortable in an outsourced environment
36

Senior IT Risk Analyst Resume Examples & Samples

  • Position is primarily responsible for leading and contributing to a team that analyzes IT risks and controls, with a specific focus on cyber risks and controls
  • Coordinate and implement plans for cyber risk control gap analyses pertaining to systems and IT departments
  • Prepare reports with recommended solutions to address assessment findings
  • Enhance the existing IT project documentation review process and serve as the point person on the tracking of forthcoming IT controls
  • Correlate departmental internal audit findings, penetration test findings, Sarbanes Oxley documentation, and compliance data to identify IT risk events and mitigating control
  • Work with business unit managers to determine development of appropriate IT risk events and controls
  • Report on effectiveness of IT risk initiatives and assess current risk to determine the need for enhancement
  • Assist with training efforts on procedural changes and enhancements
  • Assist in the development and implementation of new IT risk initiatives, including policies, processes and awareness programs
  • Minimum 3 years’ experience with IT audit or IT risk required
  • Experience working in the financial industry or with FFIEC guidelines required
  • Demonstrated team leadership experience required
  • Experience with issue tracking and remediation required
  • Ability to work in a fast paced environment and execute multiple tasks successfully required
  • Knowledge of the FFIEC Cybersecurity Assessment Tool preferred
  • Knowledge of the NIST Security Framework preferred
  • Experience leading technical and project documentation reviews strongly preferred
  • Experience analyzing penetration test results preferred
  • Experience in customer service and relationship building preferred
37

Senior IT Risk Analyst Resume Examples & Samples

  • Ideal candidate will have relevant experience in an IT department along with at least 4 years in banking or financial services, or equivalent experience in a consulting capacity
  • Prior experience analyzing and applying regulatory requirements to security practices
  • Familiarity with changes and trends in the regulatory landscape
  • Demonstrated organization, facilitation, communication, and presentation skills
  • Demonstrated ability to lead and execute across a range of businesses and functions with differing issues and interdependencies
  • Experience in designing and executing management testing of key controls, evaluating controls for effectiveness and efficiency
38

Principal IT Risk Analyst Resume Examples & Samples

  • Technology Operational Risk including Risk & Control Self-Assessments (RCSAs) and High Level Assessment (HLA) for Technology
  • TRM Strategy
  • TRM Model including Technology Risk & Control Library (TRCL)
  • TRM Policies & Standards
  • Technology Risk Assessment Methodology (TRAM)
  • TRM Risk Reporting including TRM Scorecard covering Key Risk Indicators (KRIs)/Key Performance Indicators (KPIs)
  • Supports and drives the roadmap for establishing the Technology Risk Strategy, Operational Risk & Reporting service areas. Contributes to developing the strategic direction of the service
  • Leads Technology Risk & Control Self-Assessments (RCSAs) and supports High Level Assessment (HLA) for Technology
  • Liaise with multiple teams in identifying, analyzing, monitoring, and minimizing areas of risk that pertain to information technology
  • Leads major risk evaluations and delivers results and recommendations to business areas and Technology management
  • Uses in-depth knowledge of Technology risk and market trends to determine potential risks to the organization. Leads any resulting change needed to mitigate risk
  • Contributes to managing the strategic development and improvement of risk frameworks, methodologies and limits. Contributes to strategy of CTS risk reporting
  • Support measurement and in-depth analysis of simplified Technology Risk Reporting with Key Risk Indicators (KRIs)/Key Performance Indicators (KPIs) content, creating transparency for each level of TRM Domains
  • Produce Reports/Scorecards intended for relevant audience groups to drive technology risk reduction within defined risk appetite thresholds
  • People manage a specialist team member
  • Information Risk/Security and Technology background with focus on Technology Operational Risk OR Governance, Risk and Compliance activities
  • Experience of Technology Risks frameworks and governance
  • Experience of Technology Risks and Metrics analysis and reporting
  • Knowledge of key regulations and industry standards such as ISO 27001&2, NIST SP800-53, NIST Cybersecurity Framework, etc
  • Have industry recognised certifications e.g. CGEIT, CRISC, CISSP, CISA
  • Strong presentation and stakeholder management skills
39

IT Risk Analyst Resume Examples & Samples

  • Where applicable, assist in the performance of risk assessments related to information security controls and conduct application specific security assessments. The IT Risk Specialist will assist in the evaluation of the assessment results and propose remediation solutions
  • Assist with vulnerability testing and participate in security configuration determinations
  • Assist with access and control reviews
  • Provide assistance in identifying risk(s) and associated controls required for ongoing processes, as well as proposed projects
  • Manage the Change Advisory Board (CAB) meetings
  • Assist in the investigation of security breaches, or potential breaches, and assist where required
  • Assist in developing and implementing information security procedures as required
  • Perform other IT Risk Management activities as assigned
  • Assist in routine security monitoring tasks
  • Administer security software solutions as needed
  • Liaison for Information Security team interacting with Information Security Operations, Audit and Risk
  • Assist with patch management program updates for desktops, servers and applications
  • Assist with verifying that the anti-virus solution installed on servers and desktops is current
  • Assist with ancillary IT Governance, Risk and Compliance projects and directives as needed
  • Strong written and verbal communication with solid presentation skills are a must
  • Excellent analytical ability, and planning/organization skills
  • Self-motivated to carry out assignments with minimal supervision and collaborate well with others
  • Required: Bachelor’s Degree in Business, IT or related field or equivalent work experience
40

Principal IT Risk Analyst Resume Examples & Samples

  • Ability to present complex IT risk and control concepts verbally and in writing
  • Strong collaboration and consensus building skills
  • In-depth understanding and ability to interpret regulatory requirements and control frameworks, including COSO, COBIT, NIST 800-53, and others
  • Ability to interpret results from various types of audits and control reviews (financial/SOX, SSAE16/SOC1/SOC2, internal audit, control self-assessments)
  • Demonstrated skills in developing recommendations for control remediation and validation
  • Proven ability to work with globally-dispersed and virtual teams
41

Assistant VP IT Risk Analyst Resume Examples & Samples

  • The implementation of an efficient IT Risk Management framework within the entity in charge of IT activity, whose components are derived from the Level 2 procedure ‘Risk ORC / ORC IT Risk Measurement and Management – Risk ORC / ORC IT Missions and Responsibilities’ and from the Level 2 procedure ‘Oversight of Risk ORC / ORC IT organization and Governance’. The operational management of IT risk by assessing and appropriately treating the risks
  • Creation and Maintenance of new policies and procedures, enhance the existing policies, procedures and IT Risk requirements (structure/program) as needed
  • Ensuring existence of the appropriate IT organization structure in forecast/ESOP
  • The follow-up (and production of regular reporting) of Métier/Region IT recommendations implementation (e.g. IG/Regulator/External/Permanent Control actions/Independent consultant) including the reminder to the implementation manager and the escalation at Métier/Region level in order to meet the Group objectives
  • Investigate and record Historical and Potential IT Incidents. Ensuring the proper collection and analysis of IT historical incidents and the validation of Métier/Region IT incidents before the input in the dedicated Group system, based on CIB standardized criteria
  • Contribute to the definition and follow-up of associated action plans in addition to regular reporting
  • Coordinate the bi-annual input of the CIB standard IT OPC control plan results and the main points of attention related to the IT activity processes for the Function/Métier/Region in a Permanent control report
  • Centralize and consolidate all information related to IT domains including those that are not directly under his direct responsibility. Validate the report with the IT Métier/Region management
  • Organize Function/Métier/Region IT risk committee at least twice a year (according to Risk procedures)
  • Identify Métier/Region IT risks, perform the follow-up of those IT risks in CIB Archer, and ensure the analysis and evaluation of the underlying risks (via the mapping and analysis of historical incidents that have an IT cause). Manage IT risk by assessing and appropriately treating the risks
  • Contribute to the quantification of IT Métier/Region potential incidents (for AMA entities)
  • Coordinate all IT permanent control actions for the Métier/Region to ensure a complete and efficient IT Risk Management Framework
  • Deploy the IT Group generic control plans (at least the major ones); specific Métier/Region controls may be used after having been mapped at least to the major IT Group generic controls
  • Act on behalf of management to ensure on-going deployment and maintenance of the controls. This includes providing management with status reporting and escalations when needed
  • Develop sustainable processes, and controls, as required for the Information Security, Information Technology and Governance, as needed
  • Coordinate with IT Risk Managers, team members, local management and Global CIB where needed, to provide reasonable assurance that the security program and IT Governance processes and controls are properly implemented and corrective actions are taken where needed
  • Coordinate with all IT team managers and drive process development, control identification and implementation and other improvement initiatives including facilitation of RCSAs (Risk and Control self-assessments)
  • Coordinate and lead the deployment of the mandatory procedures in the BNP Paribas Group IT Governance Framework and report to management on status/progress
  • Coordinate with Information Security and Information Technology team managers, Global CIB, Group Governance Coordinator where needed, to produce other applicable reporting requirements, such as Control Plan Reports, Information Security Steering Committee dashboard reports, Global Security Indicator reports, Vulnerability Tracking reports, Monthly IT Production Control Status Reports and other applicable reporting requirements
  • Coordinate with the appropriate personnel to perform internal controls assessments, report on the results of internal control assessments and coordinate any necessary follow-up action to address control weaknesses or opportunities for improvement
  • Liaise with the US Regulatory Affairs Team to identify IT procedure needs and assist with creation and maintenance and coordinate IT responses to regulatory questionnaires
  • Liaise with NAR Métier OP, IT OPC Personnel and CIOs / CTO / CISO to coordinate escalations and follow-ups on IT risk remediation/mitigation actions as required
  • Contribute to the development and management of IT policies and procedures for the Intermediate Holding Company (IHC) as well as Group, Global and Local IT
  • Analyze CIB/IS North America IT Risks and interface with Bank of the West and First Hawaiian Bank personnel to prepare Technology Risk Reports for the IHC Board
42

IT Risk Analyst Resume Examples & Samples

  • Develop risk management strategies that align with business goals and operations and protect the confidentiality, integrity and availability of information systems and our data
  • Identify and document business risks, and coordinate remediation of vulnerabilities and threats using repeatable risk assessment methodologies and processes. This may include producing and analyzing output from infrastructure, database, data classifications or web application vulnerability assessments and developing spreadsheets, diagrams, Word documents and reports as requested
  • Identify, document and disseminate IT security requirements to technology managers and business owners to remediate significant risks and achieve desired levels of confidentiality, integrity, and availability based on internal policies and industry best practices
  • Communicate effectively with management, engineers, customers and others regarding the need of information security and to help them learn their roles and responsibilities in the implementation and maintenance of appropriate controls to mitigate significant risks
  • Train assigned team members on security best practices
  • Continuously identify, assess, measure and monitor information technology risk by performing independent hands-on risk assessments. Includes both in house systems and vendor based solutions covering Information Security, Business Continuity and compliance risk
  • Identify and communicate recommended security and control deficiencies for business units. Document and monitor the implementation of controls for technology and business project plans
  • Develop an overall risk management strategy for new or existing services with key business stakeholders
  • A Bachelor’s Degree (or equivalent) and at least 3-5 years of experience in one of the following functions: Corporate/Risk Governance, Compliance, Project Management or related areas
  • 3 years of security, information technology or technology risk management related work experience
  • Strong communication and organizational skills, ability to multi-task, strong attention to details, excellent problem solving and follow-up skills required
  • Work independently, make decisions and multi-task effectively in a very diverse, project oriented environment
43

Senior IT Risk Analyst Resume Examples & Samples

  • Actively monitor and utilize Placements Plus to ensure accurate vendor account placements as well as daily/monthly reporting
  • Completion of all monthly control log activities and reporting including but not limited to complaint log maintenance, FDCPA training, OCA Placements etc
  • Monitor Outsourced Suppliers' performance to identify and correct performance problems
  • Active participation in monthly OCA vendor performance calls
  • Adherence to all controls and compliance requirements
  • Creation and management of monthly control log of vendor access to PDP and Columbus
  • Perform testing and validation activities
  • Customer complaint solutions
  • Recommend and execute on ideas to increase the team's overall efficiency/effectiveness
  • Assist with annual audits as needed
  • 3+ years' experience in financial services or similar industry. Associate's degree or Bachelor's degree in business or a related field may be used as a proxy for the experience
  • Expert knowledge of general/standard office and administrative procedures and methods
  • Expert data entry and word processing skills; Intermediate or advanced Microsoft Excel skills required
  • Extensive knowledge of directly applicable departmental policy or procedure is required
  • Advanced oral and written communication skills sufficient to provide information, answer inquiries, and refer calls
  • Knowledge of Ally systems (CARS, Shaw, etc.) preferred
  • Computer skills sufficient to operate on-line system and complex software or develop formulas for moderately sophisticated spreadsheets
  • Ability to exercise judgment to research and solve operational problems where the answer is not apparent
  • Ability to decide when approval of an unusual transaction exceeds assigned authority or would have broad ramifications, and to bring such incidents to the attention of the supervisor. Perform qualitative review of individual situations, identify trends, and make recommendations
44

IT Risk Analyst Resume Examples & Samples

  • Experience evaluating security controls against weaknesses to identify IT risks
  • Experience conducting risk assessments of IT systems with knowledge of risk management and commonly accepted security principles
  • Familiarity with audit techniques, evaluating audit controls, and tracking remediation to compliance
  • Ability to conduct on-site security assessments for compliance with Commonwealth and federal information security standards
  • Experience creating and updating security documentation for diverse audiences
  • Ability to independently research technical and compliance based issues and determine impact security trends may have on IT systems and business processes
  • Ability to prioritize work to meet business objectives and deadlines
  • Knowledge of project management techniques and methodologies
  • Ability to identify and solve technical problems
  • Professional experience with project management, information security, networks, operating systems, and secure software development
  • Bachelor’s degree in Information Systems, Information Security, or related field or equivalent experience
  • Industry certification in Information Security such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Fraud Examiner (CFE), Certified in Risk and Information Systems Control (CRISC), Applicable Global Information Assurance Certification (GIAC), Offensive Security Certified Professional or Expert (OSCP or OSCE), or Certified Ethical Hacker (CEH)
45

IT Risk Analyst Senior Resume Examples & Samples

  • Performs risk assessments related to the Data Protection Program, Supplier Management and Enterprise Risk Management (ERM) programs along with consulting projects throughout various risk disciplines at FIS while identifying potential issues, control gaps, and potential process efficiencies
  • Tracks, coordinates, and resolves issues identified in any and all related control, compliance, or risk work
  • Requires varied interpersonal and technical skills
46

Senior IT Risk Analyst Resume Examples & Samples

  • Own the security roadmap by working with security product owners and delivery leaders to develop multi-year plans that align capabilities with risks and threats
  • Develop executive presentations on information security
  • Coordinate key security touch points comprised of senior executives, track action items, and maintain presentation material
  • Work with security project teams to ensure that project deliverables are aligned with the security roadmap, control program and risk management process
  • Stay abreast of information security issues and regulatory changes affecting public companies. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position
  • Bring groups together to share information and resources and create better decisions, policies and practices
  • 5 – 8 years or more in an enterprise-level information security program management role. Requires good interpersonal skills, ability to function in a fast-paced, short-deadline environment, and the ability to come up with innovative cost-effective decisions
  • Ability to communicate effectively with all levels of the organization’s workforce, while maintaining appropriate confidentiality
  • Possess excellent writing and communication skills to effectively develop policies, and procedures, reports and documentation
  • Strong presentation skills; ability to adjust message and filter details based on audience (e.g. technical, business, management)
47

Senior IT Risk Analyst Resume Examples & Samples

  • Understand and articulate risks associated with technology processes and IT general controls and identify process and control gaps proactively
  • Liaise across relevant business, technology, and control functions to prioritize risks, challenge technology risk decisions, assumptions and tolerances, and drive appropriate risk response
  • Contribute to the establishment of metrics and tools to assess and report on inherent risks, control strength and residual risk in a consistent and objective manner
  • Assist with the development and validation of remediation plans for technology deficiencies by providing effective challenge
  • Minimum 3 years of experience performing risk management and analysis related activities
  • Experience working with Risk, Security or Audit frameworks (i.e., COBIT, COSO, ISO 27001/2, NIST 800-53, AICPA)
  • Strong working experience with Microsoft Office Suite and GRC tools
  • Ability to document and explain risks and vulnerabilities to both business and technical stakeholders
  • Must have past experience performing vulnerability research and reporting
  • Active in the technology industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies
48

IT Risk Analyst Resume Examples & Samples

  • Bachelor’s degree in Computer Science mandatory. MBA preferred
  • Professional certifications CRISC, CISA, CISSP, CISM, CGEIT or CIA preferred
  • Minimum of 2 to 3 years of related experience in IT Audit, Information Technology Risk and Control, Information Security, Information Technology, Governance of Information Technology, or a related field is mandatory
  • Experience in developing processes, implementing controls, writing or working with information security and technology policies or procedures and liaising with IT and Business personnel (at all levels)
  • Familiarity with COBIT, ITIL, FFIEC, ISO/IEC 27001, ISO/IEC 9001, ISO/IEC 20000, SEC, SOX, GLBA, FINRA, Dodd-Frank and other related control frameworks or legislation and regulatory sources is a plus
  • Strong communication skills, both verbal and written; being diligent, detail-oriented and proactive is mandatory
  • Good organizational skills, project management and ability to manage multiple tasks simultaneously
  • Ability to work effectively, independently and within teams, to achieve management objectives
  • Proactive and eager to take on new tasks and challenges
  • Ability to identify and propose opportunities for process (and control) improvements
  • Ability to lead meetings and forward discussions, carry out day-to-day operational work while thinking and planning both tactically and strategically
  • Ability to create executive level reporting
  • Demonstrates persistence, poise and perseverance, and is able to complete deliverables and accomplish goals and objectives under pressure and within set timelines
  • Proficient in MS Office (specifically Excel, PowerPoint, Word), Visio, SharePoint
  • Experience with Archer system; or a similar Governance, Risk and Compliance Tool (GRC Tool)
49

IT Risk Analyst Resume Examples & Samples

  • Assisting in the implementation of a standard operating model for the team for 2017 and into 2018, working with key stakeholders across the Business and Infrastructure functions. This will range from:
  • Designing Minimum Control Standards
  • Designing and undertaking control assurance activities
  • Developing and managing independent risk reporting
  • Providing analysis of risks for technology operations
  • Independently assessing material risks and/or key controls, providing challenge where needed
  • Monitoring risk exposures and performance or key risk metrics, using and reviewing the risk type methodologies and supporting development of these where appropriate
  • Supporting decision-making and approvals around risks and preparation of key risk documentation and reports
  • Develop relationships with functions engaged in technology operations
  • Undertake Risk Reviews of IT Control framework
  • Manage incidents and crises as required within DB’s Crisis Management model
  • Well-developed sense of personal accountability
  • Strong work ethic and sense of urgency in personal approach to problems
  • Ability to form relationships and capitalize upon them to achieve tangible objectives
  • Highly self-motivated; robust decision making capability
  • Experienced in influencing senior management
  • Able to apply the ‘Culture and Beliefs’ of the Bank
  • Minimum of 5 years of related experience, preferably in financial or consultancy firm
  • AVP level in current role
  • IT related experience or Risk Management within IT
  • Demonstrable Operational/Non-Financial Risk Management skills
  • Experience of working in major projects in large financial institution
  • Demonstrable success managing and operating in a matrix environment that encompasses functional and geographical diversity
50

IT Risk Analyst Resume Examples & Samples

  • Position will contribute to a team that analyzes IT risks and controls, with a specific focus on cyber risks and controls
  • Correlate departmental internal audit findings, penetration test findings, Sarbanes Oxley documentation, and compliance data to identify IT risk events and mitigating controls
  • Assist in the implementation of IT risk initiatives, including policies, processes and awareness programs
  • Actively pursuing a Bachelor’s degree required
  • Minimum 2 years’ experience with IT audit or IT risk required
  • Experience performing IT control testing and creating related documentation required
  • Experience executing risk assessments required
  • Demonstrate timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction required
  • Work independently with a minimum amount of supervision required
  • Knowledge of ITIL process areas preferred
  • Demonstrated ability in communicating effectively, both verbally and written preferred
  • IT Consulting experience a plus
51

IT Risk Analyst Resume Examples & Samples

  • Manage projects and/or supervise staff to perform IT Risk Assessments, IT Advisory Reviews, IT Project Assessments, 3rd Party IT Testing, and other project reviews as identified
  • Stay abreast of innovative business and technology trends in IT security, risk, and controls and advise leadership on technology initiatives. Obtain and maintain necessary training to keep current on the discipline of relevant industry and business specific topics
  • Manage relationships with key stakeholders in the business and technology to ensure effective execution of the risk management framework during IT implementations, including the definition of IT security requirements within new systems
  • Perform deep dives on IT security-related processes and systems
  • Lead multiple stakeholders in agreement on appropriate solutions and verify that IT risks are mitigated appropriately. Verify that required controls are incorporated in new products
  • Identify applicable regulatory risks from changes or releases to regulatory guidance and requirements and provide subject matter expertise for resolution and risk mitigation
  • Manage targeted reviews of internal risk and control assessments on current and/or emerging IT risks
  • Develop, track, and report on Key Risk Indicators (KRIs) for Information Technology
  • Use subject matter expertise to provide independent challenge of Business Units’ processes for identification and assessment of IT risks and controls by performing activities such as process-level walkthroughs, control testing, etc
  • Monitor, track, and report mitigation and resolution of IT risk issues
  • Develop and manage reporting to effectively communicate key risks, findings, and recommendations for improvement and discuss results with key stakeholders
  • Deep knowledge in Information Technology risk management
  • Solid understanding of Information Technology, System Development, and Information Security including key existing and emerging risks
  • Experience or knowledge of 3rd party/vendor management lifecycle is preferred
  • Experience in a Financial Institution and/or Public Accounting is preferred but not required
  • Excellent oral and written communication skills and the ability to work effectively with employees at all levels of the organization (up to and including Senior and Executive Management)
  • Receptive to guidance from manager and able to effectively communicate results to manager
52

Senior IT Risk Analyst Resume Examples & Samples

  • Information Security certifications (CISSP, CISM, CISA)
  • Risk management or IT risk experience
  • Knowledge of ISO 27001, COBIT and ISO 31000
  • Understanding of IT audit principles
53

IT Risk Analyst Resume Examples & Samples

  • Provides expertise in interpreting compliance with National Institute of Standards and Technology (NIST) and other industry security standards
  • Acts as technical advisor to recommend solutions for project managers, analysts, system development resources, and trainers
  • Coordinates and participates in audits, vulnerability testing, and compliance reviews representing information technology functions in support of security, audit, and risk needs. Tracks and reports on remediation efforts. Escalates areas of risk and concern
  • Performs information technology business continuity and disaster recovery risk assessments, and supports corrective actions
  • Performs regular reviews, and contributes to development and maintenance of information technology processes, standards, templates, tools and techniques
  • Responsible for facilitating, tracking, measuring, reporting and interpreting key information technology metrics
  • Acts as liaison between corporate functions, internal/external clients, operations and technical staff
  • Develops and maintains project communications and management reporting on quality reviews and audit and remediation activities
  • Works in conjunction with other departments to ensure the best corporate solutions are architected and deployed
  • 3+ years in designing, developing, implementing, managing, or supporting information technology solutions
  • Prior work experience in information technology security, project management, data center operations, or application development or support
  • Experience with vulnerability scanning and intrusion detection processes
  • Demonstrated ability to meet regulatory agency standards, such as Sarbanes Oxley, SSAE16 or NIST
  • Demonstrated knowledge and comprehension of technical system environments, including infrastructure networks, web applications, iSeries or Microsoft server systems, data storage, and packaged software products
  • Ability to prepare and deliver professional training media
  • Proven productivity and efficiency in completing deliverables
  • Consistently accepts accountability for decisions made
  • Demonstrated ability to develop new processes, analyze existing processes, and recommend improvements
  • Demonstrated ability to complete complex and challenging assignments on time and with confidence
  • Shows commitment to acquiring new knowledge and skills to improve success
  • Demonstrated ability to identify business and customer needs, is able to effectively articulate at all levels and build strong customer and peer relationships
  • Exceptional oral and written communication skills, presentation skills and team work
54

IT Risk Analyst, Specialist Resume Examples & Samples

  • Large company and/or financial services experience strongly preferred
  • Project/program management for technology and/or risk initiatives
  • Other IT risk/governance/policy experience
  • IT operational experience helpful
  • Strong business/tech writing and presentation development skills helpful
  • ISACA/PMI certifications are nice to have
55

IT Risk Analyst Resume Examples & Samples

  • Support the technology controls and assessment framework, leveraging standard tools and processes to identify control, process, and application issues / deficiencies. Identify framework efficiency and effectiveness opportunities
  • Develop presentation materials and reports for the team and senior management business and technology stakeholders; work closely with the technology teams to collect and track an array of metrics required for reporting
  • Lead small-to-medium scale projects and deliver presentations with minimal supervision
  • Experience working with Java and COBOL applications from a risk perspective
  • Understanding of the mainframe environment is a plus
  • Proficient in Microsoft Office (especially Excel and PowerPoint) and Microsoft SharePoint
  • Articulate the business value and impact of technical and non-technical information and understand when to escalate issues
  • Demonstrate organizational and time management skills with the ability to adapt and adjust to changing priorities and to manage multiple assignments with challenging / conflicting deadlines
  • Proficient communication, consensus-building, interpretation, analytical, and negotiation skills
  • CRISC, CISSP, or CISM/CISA certifications a plus
56

IT Risk Analyst, AVP Resume Examples & Samples

  • Carry out IT Risk Assessments and related tasks
  • Work with the control owner to improve control strength
  • Track open risks to ensure remediation plans have been executed to mitigate the risk
  • Promote an understanding of IT Risk roles, processes and activities
  • Analytical and rigorous
  • Reactive and adaptive
  • Straightforward and clear communicator
  • Strong understanding of financial institutions
  • Strong Excel skills for in-depth analysis
  • Any one or more of the following certifications: CISM, CRISC or CISSP
  • 3+ years in Financial Services
  • 3+ years in a relevant Risk or Audit function
57

IT Risk Analyst Resume Examples & Samples

  • Demonstrate solid knowledge on technology processes within infrastructure, information security, SDLC and Enterprise Service Management utilizing various IT controls frameworks (i.e. COBIT 5)
  • Monitor internal and external business, regulatory and technology environment to identify new or emerging risks and verify remediation of issues
  • Minimum 5 years of work related experience in technology
  • Strong understanding of technology processes, risks and issues including infrastructure, information security, SDLC and Service Management (knowledge within cloud computing is preferred, specifically AWS)
  • Capable of identifying, evaluating and mitigating significant risks within an enterprise
  • Basic knowledge of SOC2 attestation reports
  • Must have and maintain at least one of the following certifications: CISSP, CISA, CRISC or equivalent designation
  • Strong oral and written communication skills and ability to work well with others and in a collaborative, complex and fast paced environment
  • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals
58

IT Risk Analyst Resume Examples & Samples

  • An understanding of risk and management controls in a FTSE100/250 or equivalent entity
  • Exposure to industry quality management frameworks and ‘lean’ principles
  • Awareness of project management techniques
  • Process management of a control environment for IT systems and procedures
  • Use of MS Office suite of applications
  • Familiarity with Tableau, SharePoint, JIRA and Confluence
  • Ability to communicate effectively with global stakeholders
59

Senior IT Risk Analyst Resume Examples & Samples

  • Strong understanding of NIST Cybersecurity Framework (CSF), GLBA, SOX, PCI, and FFIEC requirements
  • Experience in developing, maintaining, and maturing enterprise business continuity plans
  • Experience in crisis response coordination
60

Endur IT Risk Analyst Resume Examples & Samples

  • Working with business representatives who are the subject matter experts in their area
  • Continuous improvement to achieve a future state vision across people, process and technology, accommodating both business and functional requirements
  • Support and enhance the solutions for the business in their local region
  • Work with Application Developers and/or Application Vendors to test/validate application changes to the solutions