What are the responsibilities and job description for the Risk Analyst position at Concero?
!!FULLY ONSITE IN ST. LOUIS, MO!!
Job Description
POSITION SUMMARY
A Technical Risk Management Analyst is responsible for identifying, assessing, and mitigating risks associated with technology and technical processes within an organization. This role typically involves analyzing potential risks, implementing strategies to minimize their impact, and ensuring compliance with relevant regulations and standards.
As a Technical Risk Management Analyst, one will play a critical role in safeguarding the organization’s technological assets and ensuring that risks related to technology are effectively managed.
The successful candidate thinks strategically, is intellectually curious and is comfortable working in undefined problem spaces. The Technical Risk Management Analyst will be expected to further refine the risk program.
MAJOR DUTIES
- Risk Identification: Identify and evaluate technical risks associated with information systems, processes, and technologies.
- Risk Assessment: Conduct risk assessments to determine the likelihood and potential impact of identified risks. Use qualitative and quantitative methods to analyze risk data.
- Mitigation Strategies: Develop and implement risk mitigation strategies, including policies, procedures, and controls to reduce risk exposure.
- Compliance Monitoring: Ensure compliance with relevant regulations, standards, and best practices related to information security and risk management (GLBA, NIST, CIS, etc.).
- Reporting: Prepare and present risk assessment reports to senior management, highlighting key risks, trends, and recommendations for improvement.
- Collaboration: Work closely with IT, cybersecurity, and other departments to promote a risk-aware culture and facilitate effective risk management practices.
- Continuous Improvement: Monitor and review risk management processes and systems to identify areas for improvement and ensure they remain effective in a changing technological landscape.
- Training and Awareness: Provide training and awareness programs for staff to ensure understanding of risk management practices and their roles in mitigating risks.
QUALIFICATIONS
EDUCATION
Minimum Required:
Bachelor's degree in Cybersecurity, Information Security, Information Assurance, IT Audit, Computer Science, Management Information Systems, or a related discipline.
EXPERIENCE
Minimum Required:
3-5 years of experience in risk management, information security, IT audit, or a related field.
Desired:
IT Risk or IT Audit experience at a Financial Services firm
LICENSES & CREDENTIALS
Minimum Required:
Possess at least one security or IT-related professional designation.
Desired:
CISSP, CISA, CISM, etc.
KNOWLEDGE & SKILLS
- Strong understanding of information security principles, risk management frameworks, and relevant technologies (e.g., firewalls, intrusion detection systems, cloud security).
- Excellent analytical and problem-solving skills with the ability to assess complex technical risks and develop effective solutions.
- Strong verbal and written communication skills, with the ability to convey complex information clearly to diverse audiences.
- Familiarity with federal and state legal regulatory requirements related to information security.
- Understands the basic tenets of security risk management (threat management, vulnerability management, and risk treatment).
WORK ENVIRONMENT
- Primarily office-based with potential remote work opportunities.
- May require occasional travel for training, conferences, or onsite assessments.
TOOLS AND TECHNOLOGY
- Governance, Risk, Compliance Solutions
Salary: $70,000 - $75,000