Location: Hybrid in Reston, VA (Tuesday & Wednesday in office)

Summary:

The Senior IT Risk & Resiliency Analyst works under the direction and supervision of the Director Business Resiliency and IT Risk to help maintain and support an effective enterprise risk management (ERM) program across the organization. In fulfilling this effort, IT Risk & Resiliency Analyst works collaboratively and cooperatively with all business units and the Internal Audit function.

The Senior IT Risk Analyst will be responsible for identifying, assessing, and mitigating risks associated with the organization's information technology systems and processes. This role involves collaborating with various departments to ensure the integrity, confidentiality, and availability of company data. The ideal candidate will have a strong understanding of IT security principles, risk management frameworks, and compliance standards.

As a member of the Risk Management team, the Senior IT Risk & Resiliency Analyst provides support for divisional responsibilities including business resiliency, operational risk, vendor management and other relevant risk management areas as needed.

We’re proud of the way our teammates have a positive impact on everything we do. Our employees are committed to and exemplify our Core Values:

• Integrity through accountability, consistency, transparency, and trust

• Agility through adaptability, continuous improvement, expertise, and flexibility

• Partnership through collaboration, communication, leadership, and teamwork

• Inclusivity through diversity, relationships, respect, and support

REQUIREMENTS

• A minimum of 5 years of professional work experience with IT Risk and/or analytical experience strongly preferred.
• Bachelor’s degree in information technology or related field, or relevant experience.
• Working knowledge of Risk Management principles.
• Detail-oriented, with demonstrated ability to manage multiple efforts simultaneously.
• Strong customer service skills.
• Software proficiency: MS Excel, MS PowerPoint, MS Word.
• Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively.
• Proof of eligibility to work in the United States.

RESPONSIBILITIES

• Conduct thorough risk assessments of IT processes to identify, monitor and assess key risks and controls related to these processes.

• Understand and evaluate IT systems, applications, and processes to identify potential areas of risk and develop and implement risk mitigation strategies and action plans to address identified risks.

• Monitor and analyze IT security incidents and provide recommendations for corrective actions.

• Collaborate with IT and business units to ensure compliance with relevant regulations, standards, and best practices.

• Assist in the development and maintenance of risk management policies, procedures, data analytics and documentation.

• Perform regular assessments and independent evaluation of IT metrics to ensure ongoing

compliance and risk mitigation.

• Stay up-to-date with the latest IT security trends, threats, and technologies.

• Provide training and awareness programs for staff on IT risk and security practices.

• Prepare detailed reports and presentations on risk assessment findings and recommendations

for senior management.

• Participate in disaster recovery and business continuity planning and testing.