Technology Risk Analyst - Cyber Risk Management

Job title: Technology Risk Analyst - Cyber Risk ManagementJob Location: New York, New York (Hybrid 3 days onsite)Job Type: ContractA global bank is seeking a Technology Risk Analyst who will be responsible for the development and implementation of an enterprise-wide technology and cyber risk management program within the second Line of Defense to ensure that risks are appropriately identified, assessed, monitored and managed. Essential Duties and Responsibilities: Implement/Operate the Technology, Cyber Risk Management Frameworks that provides oversight and independent challenge to the first line through an effective and objective assessment. Assess the accuracy, completeness, and adequacy of risks and controls Analyze business processes and requirements to ensure compliance with security policies and procedures Perform effective challenge of critical and high-risk technology processes, controls and compliance activities Recommend enhancements to the business/technology processes and controls to improve effectiveness of technology & vendor risk management capabilities Perform risk tracking, trending, analysis, and executive reporting Manage regulatory compliance activities across Technology and Cyber Coordinate the execution of compliance gap assessments Track, monitor, report on action plans Support design, delivery, and monitoring of Technology Risk Management training and awareness programRequirements: • Bachelor's degree in Information Technology, Information Security, Business Administration or Risk Management (or equivalent professional qualification), Master's Degree desirable • 5-7 years' experience specifically in Information Security and/or technology risk management • Prior experience in the Financial Services industry is required • Experience with GRC tools and other risk management information systems is preferred • Proven track record for managing and enhancing control processes• Experience in developing and implementing risk management programs • Experience interacting with regulators, preferably FRB and NY DFS • Demonstrated ability to work effectively in a team environment as well as independently • Demonstrated ability to drive projects Strong analytical skills and advanced Microsoft Office (Word, Outlook, Excel, and PowerPoint) capabilities • Industry recognized certifications within the domains of information security and or privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.) considered a plus

Created: 2025-03-09