ETS Risk Analyst II
Indexed description
Responsibilities
- Partner with Risk Managers to execute the control monitoring and testing program across multiple complex technology and cybersecurity processes.
- Independently perform control design and operating effectiveness testing in accordance with established methodologies and timelines.
- Assess material controls and determine whether enhanced controls are effective to support issue validation and closure.
- Document testing results clearly and accurately in the system of record and supporting tools, producing audit ready documentation suitable for QA, Internal Audit, and Regulatory review.
- Support the analysis of monitoring and testing results to identify themes, trends, root causes, and emerging issues.
- Escalate control deficiencies, emerging risks, and potential delays in a timely and professional manner.
- Support issue management activities, including testing to validate remediation and support issue closure
- Participate in Risk and Control Self Assessments (RCSAs), including creation and validation of process maps that reflect key processes, risks, and controls
- Maintain awareness of emerging risks and evolving technologies (e.g., artificial intelligence, automation, and data driven processes) and assess their impact on control design, effectiveness, and monitoring approaches.
- Contribute to the continuous monitoring program by leveraging automated testing, key control metrics, and trend analysis to improve risk insight and control coverage.
- Identify, evaluate, and prioritize opportunities to enhance control testing through automation, data analytics, and improved key control metrics, partnering with stakeholders to support implementation.
- Build effective working relationships with business and technology stakeholders to stay informed of process changes and emerging risks.
- Develop understanding of internal policies, infrastructure processes, and evolving industry risk trends.
- Proactively pursue ongoing professional development, including relevant certifications, industry training, etc. to maintain current knowledge in a rapidly evolving field.
- 3–5 years of experience in IT, information security, risk management, or internal audit.
- Foundational understanding of technology risk concepts, control frameworks (NIST 800-53, NIST CSF, CRI Profile, COBIT, or ITIL), and risk management lifecycle.
- Familiarity with GRC platforms (e.g., Archer) and IT service management tools (e.g., ServiceNow, Jira).
- Ability to analyze and interpret data from security and operational monitoring tools.
- Strong written and verbal communication skills, with the ability to translate technical risk findings into clear documentation.
- Demonstrated ability to manage multiple priorities in a fast-paced environment with attention to detail.
- Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint).
- Experience in a regulated financial services or banking environment.
- Familiarity with cloud environments (AWS, Azure) or infrastructure risk concepts.
- Exposure to audit response, regulatory exam support, or corrective action tracking.
- Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required.
- One or more of the following certifications are preferred:
- CompTIA Security+
- AWS Cloud Practitioner or Microsoft Azure Fundamentals
- CISA (Certified Information Systems Auditor)
- CRISC (Certified in Risk and Information Systems Control)
- Hours per Week: 40
- Work Schedule: Monday - Friday
- Hybrid: 4 days per week onsite
Why Work for Us
At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth
Posting End Date: 08/31/2026
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search