Senior Technology Risk Analyst – Monitoring and Testing
Indexed description
Responsibilities
- Lead planning and execution of control monitoring and testing across multiple complex technology and cybersecurity processes, ensuring adherence to methodology, timelines, and quality standards.
- Independently perform and/or oversee control design and operating effectiveness testing; review workpapers and evidence for completeness, accuracy, and audit readiness.
- Assess material controls and evaluate whether enhanced controls and remediation actions are effective to support issue validation and closure.
- Ensure testing results are documented clearly and accurately in the system of record and supporting tools, producing audit-ready documentation suitable for QA, Internal Audit, and Regulatory review.
- Proactively escalate significant control deficiencies, emerging risks, and delivery risks; drive follow-up with stakeholders to achieve timely resolution.
- Lead issue validation testing to confirm remediation effectiveness and provide evidence-based recommendations to support issue closure.
- Support and/or lead Risk and Control Self-Assessments (RCSAs), including creation and validation of process maps that reflect key processes, risks, and controls.
- Lead identification and prioritization of opportunities to enhance testing through automation, data analytics, and improved key control metrics (KRIs/KCMs); partner with stakeholders to support implementation.
- Strengthen continuous monitoring by refining metrics, improving coverage, and leveraging trend and anomaly analysis to increase risk signal and reduce noise.
- Build and expand trusted relationships across business and technology stakeholders; influence outcomes through compelling, fact-based analysis and clear recommendations.
- Mentor junior analysts on risk methodology, documentation standards, and analytical techniques.
- Stay current on regulatory changes, emerging technology risks, and evolving industry frameworks.
- Proactively pursue ongoing professional development, including relevant certifications, industry training, etc. to maintain current knowledge in a rapidly evolving field.
- 5–7 years of progressive experience in IT risk management, information security, or internal audit.
- Working knowledge of control frameworks including CRI Profile, NIST 800-53, NIST CSF, COBIT, and/or ITIL.
- Experience conducting or supporting RCSAs, control testing, and risk assessments in a regulated environment.
- Strong analytical and problem-solving skills with the ability to interpret complex data and translate findings into actionable recommendations.
- Demonstrated ability to manage multiple concurrent priorities with minimal oversight.
- Strong interpersonal and written communication skills; able to convey technical risk concepts to non-technical stakeholders.
- Proficiency with GRC platforms (e.g., Archer), ITSM tools (e.g., ServiceNow, Jira), and security tools (e.g., Splunk, Qualys, DataDog, Wiz, and/or CyberArk).
- Experience with cloud platforms such as AWS, Azure
- Familiarity with reporting tools (Tableau, PowerBi)
- Experience in a regulated financial institution or banking environment.
- Familiarity with cloud infrastructure risk, cyber recovery, or third-party risk management.
- Prior experience responding to regulatory exams or supporting audit remediation.
- Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required; Master's degree preferred.
- One or more of the following certifications are preferred:
- CISA (Certified Information Systems Auditor)
- CRISC (Certified in Risk and Information Systems Control)
- CISM (Certified Information Security Manager)
- AWS Cloud Practitioner or Microsoft Azure Fundamentals
- Hours per Week: 40
- Work Schedule: Monday-Friday
- Hybrid: 4 days per week onsite, 1 day remote
Why Work for Us
At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth
Posting End Date: 07/31/2026
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search