Senior IT Compliance Risk Analyst

About this role

Responsibilities

• Analyze and prioritize IT risks
• Discover internal business
• reporting needs and data products
• that meet the reporting needs.
• Develop reporting requirements and oversee analytics and reporting solutions from
• Proof of Concept through Production release.
• Analyze compliance and risk indicators for
• IT controls, with a strong focus on Access Management.
• Translate strategic risk and compliance objectives into
• actionable delivery plans and initiatives
• .
• Partner with platform, security, and engineering teams to design, influence, and drive implementation
• of agreed solutions.
• Provide advisory input and practical guidance
• to platform teams, ensuring alignment with leadership decisions and enterprise standards.
• Track remediation progress and control effectiveness, and
• proactively escalate risks and dependencies as needed
• .
• Keep leadership regularly informed of
• risk trends, control effectiveness, and remediation status
• .

Requirements

• Bachelor’s Degree (preferably in
• Information Technology, Cybersecurity, or Information Systems
• )
• 6-8 years of IT risk and compliance / IT audit experience
• Strong hands-on knowledge of
• Identity & Access Management (IAM)
• concepts, including:
• Provisioning and deprovisioning
• Identity lifecycle management
• RBAC / ABAC
• Single Sign-On (SSO)
• Multi-Factor Authentication (MFA)
• Privileged Access Management (PAM)
• Experience evaluating or auditing
• access governance processes and identity providers
• Understanding of
• IT security and compliance frameworks
• (e.g., SOX ITGC, NIST)
• Experience translating
• technical control findings into actionable risk insights and remediation plans
• Strong analytical mindset
• with attention to detail and ability to interpret complex technical data
• Excellent communication skills
• , with the ability to tailor messaging for technical teams, business partners, and executive leadership.