IT Analyst (Risk)

About the job

Scope of Work / Responsibilities

In close coordination with the IT Assurance, Risk, and Controls teams, the Senior IT Risk Analyst will:

  • Update and improve ITD's risk management framework and processes to enhance operational maturity and alignment with the organization's risk practices

  • Conduct IT operational risk assessments in collaboration with Subject Matter Experts from IT and business units

  • Engage senior stakeholders in risk assessment and risk mitigation discussions

  • Prepare and review risk assessment reports to ensure accuracy and relevance

  • Perform Security License to Operate (SLtO) reviews to confirm IT risk and compliance controls are in place prior to production deployment, including assessing unresolved high or critical risks and recommending mitigation strategies to support go-live decisions

  • Facilitate IT policy exception or deferment requests and monitor their status and action plans

  • Ensure IT risk information in the GRC tool is accurate, timely, and up to date

  • Prepare IT risk reports and dashboards, and communicate insights to IT teams and governance groups

  • Promote a risk-aware culture through risk communications and awareness activities

  • Coordinate IT risk reporting with the Office of Risk Management (e.g., key risk indicators, operational risks, incident losses, and risk appetite reporting)

  • Review IT policies and process documents in coordination with the IT Controls and Compliance team

  • Support the planning and execution of ISO 27001 risk assessments and related information security activities

  • Perform other related duties as required

Requirements and Qualifications

Education & Work Experience

  • Bachelor's degree in Business Administration, Management, Accounting, Computer Science, Information Technology, Industrial Engineering, or a related field

  • Minimum of 5 years of experience in IT risk, governance, and controls

Technical Knowledge

  • Strong background in IT risk management and governance

  • Familiarity with frameworks and standards such as SOX, COSO, COBIT, NIST, PMBOK, ISO 27001, SWIFT CSCF, and DORA

  • Good understanding of audit principles, standards, and procedures

  • Broad knowledge of enterprise IT environments

  • Excellent written and verbal communication skills in English; comfortable engaging with senior stakeholders across cultures

Soft Skills

  • Strong analytical and problem-solving skills

  • High attention to detail and a structured approach to work

  • Ability to work effectively with internal and external stakeholders

  • Strong collaboration and teamwork skills

Tools / Software

  • Experience with GRC tools

  • Proficient in Office 365 applications

  • Experience with reporting and visualization tools such as Power BI

Certifications (Preferred)

  • Relevant industry certifications such as CRISC, CISA, or ISO-related certifications