Jobs · Finance · Arizona

Senior Technology Risk Analyst

Newrez · Tempe, AZ · 2 wk ago
FinanceFull-time

About the role

The Senior Technology Risk Analyst supports the organization's risk governance direction and elevates the company's overall risk posture. This role involves managing and maturing the enterprise risk register and driving high-quality risk assessments across new and existing information system capabilities.

Responsibilities

  • Conduct enterprise-wide, ongoing risk identification and risk assessments in tandem with compliance and security teams.
  • Maintain full oversight and administration of the enterprise risk register within the GRC platform.
  • Identify strengths and weaknesses in the risk and security program as they relate to security, business resiliency, and compliance frameworks.
  • Document, formulate, and enforce areas of risk-related improvement that balance business operations with appropriate risk reduction.
  • Maintain strong oversight of third-party, vendor, and business-partner risks and update the risk register to reflect identified issues or required remediation.
  • Analyze and assess risk findings and document, recommend, and report program gaps and risk trends to security leadership.
  • Monitor current and proposed regulatory, privacy, and security changes and ensure associated risks are captured within the risk register.
  • Apply GRC expertise across key lines of business to ensure consistent and accurate risk scoring, control mapping, and risk treatment planning.
  • Define qualitative and quantitative metrics to assess the success of the risk program and provide regular reports to security and business leadership.
  • Ensure teams maintain up-to-date documentation for systems, controls, and processes that support the risk assessment lifecycle.
  • Participate in incident response by documenting incident-related risks, tracking occurrences, and ensuring proper closure within the risk register.
  • Work in tandem with security, audit, and risk management leadership to perform ongoing assessments of the risk program and contribute to annual strategic initiatives.
  • Attend and actively participate in change and project management meetings to identify new or evolving risks.

Requirements

  • Bachelor’s degree in computer science, a related field, or equivalent industry experience.
  • Holds one or more relevant industry certifications.
  • At least 7+ years’ experience in cybersecurity, compliance, or risk management with strong exposure to risk assessment methodologies.
  • Experience and understanding of regulatory requirements and laws including, but not limited to SOX, SOC, and GLBA.
  • Additional experience in CRI or NIST frameworks.
  • Preferred experience with cloud environments such as AWS and Microsoft Azure.

Qualifications and Education

  • Bachelor’s degree in computer science, a related field, or equivalent industry experience.
  • Holds one or more relevant industry certifications.
  • At least 7+ years’ experience in cybersecurity, compliance, or risk management with strong exposure to risk assessment methodologies.
  • Experience and understanding of regulatory requirements and laws including, but not limited to SOX, SOC, and GLBA.
  • Additional experience in CRI or NIST frameworks.
  • Preferred experience with cloud environments such as AWS and Microsoft Azure.

Skills, Abilities, and Knowledge

  • Strong business acumen and risk management skills with the ability to align risk governance with business operations.
  • Exceptional written and verbal communication skills with proven ability to translate risk and security concepts to all levels of the business.
  • Ability to understand both legacy and modern technologies and evaluate risk impacts accordingly.
  • Working knowledge of incident response, system configuration, vulnerability management, and hardening guidelines as they relate to risk identification and evaluation.
  • Demonstrated problem-solving capability and ability to manage complex, cross-functional risk requirements.
  • Self-motivated, organized, and capable of proactive identification of emerging risks.
  • Successful track record of managing third-party risk, contracts, and external relationships.
  • Familiarity with state, federal, and international privacy laws.
  • Highly trustworthy; leads by example.
  • Strong interpersonal skills with the ability to develop and maintain effective and professional relationships across the organization and with customers.
  • Ability to effectively influence and negotiate with stakeholders.
  • Consultative and collaborative work style.
  • High learning agility with the ability to learn and integrate business variables and learn new systems and platforms.
  • Effective at managing multiple priorities under tight deadlines in a fast-paced, dynamic environment.
  • Self-directed and comfortable working with ambiguity and uncertainty.
  • High degree of professional maturity, integrity, ability to maintain confidential data and information.

Physical Requirements

  • Sedentary work in a stationary position at a cubicle for prolonged periods of time.
  • Constant repetitive motions required for operating a computer, such as typing and managing phone calls.
  • Constantly communicating effectively verbally in English, including accurately exchanging information with others following identification of correct procedures.

Similar jobs

Senior IT Risk Analyst

Rockland TrustPlymouth, MA· 2 wk ago
Information Technologyapply on eehb.fa.us2.oraclecloud.com