Citizens · 2 months ago
Senior IT Risk Analyst
Johnston, RI
Full-time
Hybrid
Senior Level
$131K/yr - $197K/yr
5+ years expCitizens is seeking a Senior IT Risk Analyst to provide technical risk oversight of data processing and transformation processes primarily in a public cloud environment. The role involves collaborating with enterprise technology teams to identify, assess, and mitigate risks while ensuring compliance with industry best practices.
BankingCredit CardsFinancial ServicesFinTechRetail
Responsibilities
Act as a technical Subject Matter Expert on assigned projects and working groups responsible for identifying risks and controls inherent in various technical processes in the CI/CD pipeline and DevSecOps procedures
Collaborate directly with technical contributors supported by the risk team to document process maps, procedures, control adequacy worksheets, control test steps and job aides utilizing Visio, Confluence, and other enterprise documentation tools
Respond to internal and external audits, regulatory exams, and other requests for information. Assist in the evaluation of audit and examination findings and implementation of corrective action and needed responses
Identify risk issues, create issue documentation in the enterprise system of record, GRC Archer, steward issue through second line approval, action plan and target date management and submit evidence for issue closure or significance downgrade when appropriate
Analyze and interpret available risk and security data from GRC, Splunk, DataDog, ServiceNow, Nexus, Qualys and similar tools to identify risk trends, risk gaps, potential controls and risks
Partner with first-line-risk and third-party-risk colleagues to complete routine risk management tasks and ceremonies, such as Risk and Control Self-Assessments (RCSAs), Ad-hoc Risk Assessments, Business Initiative Risk Assessments, Procedure Updates, Complementary User Entity Control Reviews, Second Line Risk Management Challenges, and so on
Develop well-written, comprehensively-researched and data-driven risk reports within assigned deadlines
Act as a primary liaison with business stakeholders to identify, track, report, and continuously manage Technology Risk exposure associated with their day-to-day activities in an on-demand consultative capacity
Utilizing time-management and organizational skills as well as enterprise productivity tools such as Jira, manage multiple simultaneous time-sensitive workloads ensuring not to miss target dates, submission deadlines
Stay current on changes to business processes, internal policy/standards, and industry trends in the evaluation of the potential impact on the banks risk profile
Establish and maintain an effective business relationship with business partners, key project stakeholders, Audit and Governance teams, and subject matter experts to advise and support the business lines in preventing and mitigating risk
Qualification
Required
Experience in designing and configuring high performing data and analytical solutions that transform, integrate, and make data available for business solutions
Technical risk oversight of data processing/transformation processes, primarily in a public cloud (AWS) but also on-premises
Prior technical contributor experience in large scale, hybrid-cloud computing, agile-CI/CD, DevSecOps enterprises
Prior experience with automation and operational knowledge of Python, SQL or other technical skillsets to deploy DevSecOps solutions such as Security Orchestration, Automation and Response (SOAR)
Strong familiarity and functional knowledge of DevSecOps and related tools (Jenkins, Nexus, Bitbucket, API Connect, Confluent Cloud, AWS IAM, Splunk, ServiceNow, GRC Archer etc.)
Strong learning and communication skills and high confidence in technology aptitude to identify risks appropriately
Act as a technical Subject Matter Expert on assigned projects and working groups responsible for identifying risks and controls inherent in various technical processes in the CI/CD pipeline and DevSecOps procedures
Collaborate directly with technical contributors supported by the risk team to document process maps, procedures, control adequacy worksheets, control test steps and job aides utilizing Visio, Confluence, and other enterprise documentation tools
Respond to internal and external audits, regulatory exams, and other requests for information
Identify risk issues, create issue documentation in the enterprise system of record, GRC Archer, steward issue through second line approval, action plan and target date management
Analyze and interpret available risk and security data from GRC, Splunk, DataDog, ServiceNow, Nexus, Qualys and similar tools to identify risk trends, risk gaps, potential controls and risks
Partner with first-line-risk and third-party-risk colleagues to complete routine risk management tasks and ceremonies
Develop well-written, comprehensively-researched and data-driven risk reports within assigned deadlines
Act as a primary liaison with business stakeholders to identify, track, report, and continuously manage Technology Risk exposure
Utilizing time-management and organizational skills as well as enterprise productivity tools such as Jira, manage multiple simultaneous time-sensitive workloads
Stay current on changes to business processes, internal policy/standards, and industry trends
Establish and maintain an effective business relationship with business partners, key project stakeholders, Audit and Governance teams, and subject matter experts
Technical capability or knowledge of Information Technology, Information Security, and/or Data Management
Experience with tools such as Excel and Tableau for collecting, analyzing and interpreting data from multiple sources
Strong interpersonal skills to effectively communicate complex technical and risk matters
Strong research, critical/analytical thought process, problem solving and writing skills
Flexible and adaptable to change; ability to work comfortably with incomplete information and deal with ambiguity in a fast-paced environment
Project management and autonomous prioritization skills to support complex concurrent assignments
Minimum of 5 years of IT contributor, risk management or equivalent experience
Master's Degree (Finance/ Business / Security / IT Related) or Bachelor's Degree and equivalent career experience
Preferred
Certifications in Information Technology, Security, Design and/or risk certifications preferred but not required (e.g., CISA, CISM, CCNA, CISSP, CRISC or AWS certified Cloud Practitioner)
Benefits
Comprehensive medical, dental and vision coverage
Retirement benefits
Maternity/paternity leave
Flexible work arrangements
Education reimbursement
Wellness programs
Paid time off policy exceeds the mandatory, paid sick or paid time-away policy of very local and state jurisdiction in the United States
Company
Citizens
At Citizens, we recognize that the journey to accomplishment is no longer linear and that individuals are made of all they have done and all they are going to do.
10001+ employees
Funding
Current Stage
Public CompanyTotal Funding
$2B2025-02-26Post Ipo Debt· $750M
2024-07-09Post Ipo Debt· $1.25B
2014-09-23IPO
Leadership Team
Melisa Carrascoza
SVP, Business Banking Market Executive - New England South
Steve Kozek
Head of Commercial Excellence, Senior Vice President
Recent News
Talk Business & Politics
2026-01-19
Arkansas Business — Business News, Real Estate, Law, Construction
2026-01-19
Providence Business News
2026-01-16
Company data provided by crunchbase