Jobs · Finance · Rhode Island

Senior Technology Risk Analyst – Monitoring and Testing

Citizens · Johnston, RI · 3 mo ago
FinanceFull-time

Responsibilities

  • Lead planning and execution of control monitoring and testing across multiple complex technology and cybersecurity processes, ensuring adherence to methodology, timelines, and quality standards.
  • Independently perform and/or oversee control design and operating effectiveness testing; review workpapers and evidence for completeness, accuracy, and audit readiness.
  • Assess material controls and evaluate whether enhanced controls and remediation actions are effective to support issue validation and closure.
  • Ensure testing results are documented clearly and accurately in the system of record and supporting tools, producing audit-ready documentation suitable for QA, Internal Audit, and Regulatory review.
  • Proactively escalate significant control deficiencies, emerging risks, and delivery risks; drive follow-up with stakeholders to achieve timely resolution.
  • Lead issue validation testing to confirm remediation effectiveness and provide evidence-based recommendations to support issue closure.
  • Support and/or lead Risk and Control Self-Assessments (RCSAs), including creation and validation of process maps that reflect key processes, risks, and controls.
  • Lead identification and prioritization of opportunities to enhance testing through automation, data analytics, and improved key control metrics (KRIs/KCMs); partner with stakeholders to support implementation.
  • Strengthen continuous monitoring by refining metrics, improving coverage, and leveraging trend and anomaly analysis to increase risk signal and reduce noise.
  • Build and expand trusted relationships across business and technology stakeholders; influence outcomes through compelling, fact-based analysis and clear recommendations.
  • Mentor junior analysts on risk methodology, documentation standards, and analytical techniques.
  • Stay current on regulatory changes, emerging technology risks, and evolving industry frameworks.
  • Proactively pursue ongoing professional development, including relevant certifications, industry training, etc. to maintain current knowledge in a rapidly evolving field.

Experience & Skills

  • 5–7 years of progressive experience in IT risk management, information security, or internal audit.
  • Working knowledge of control frameworks including CRI Profile, NIST 800-53, NIST CSF, COBIT, and/or ITIL.
  • Experience conducting or supporting RCSAs, control testing, and risk assessments in a regulated environment.
  • Strong analytical and problem-solving skills with the ability to interpret complex data and translate findings into actionable recommendations.
  • Demonstrated ability to manage multiple concurrent priorities with minimal oversight.
  • Strong interpersonal and written communication skills; able to convey technical risk concepts to non-technical stakeholders.
  • Proficiency with GRC platforms (e.g., Archer), ITSM tools (e.g., ServiceNow, Jira), and security tools (e.g., Splunk, Qualys, DataDog, Wiz, and/or CyberArk).
  • Experience with cloud platforms such as AWS, Azure.
  • Familiarity with reporting tools (Tableau, PowerBi).

Education

  • Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required; Master's degree preferred.
  • One or more of the following certifications are preferred:
    • CISA (Certified Information Systems Auditor)
    • CRISC (Certified in Risk and Information Systems Control)
    • CISM (Certified Information Security Manager)
  • Familiarity with cloud infrastructure risk, cyber recovery, or third-party risk management.
  • Prior experience responding to regulatory exams or supporting audit remediation.

Similar jobs

Senior IT Risk Analyst

Rockland TrustPlymouth, MA· 3 wk ago
Information Technologyapply on eehb.fa.us2.oraclecloud.com