CardWorks · 15 hours ago
Sr. IT Risk Analyst
Woodbury (Long Island)
Full-time
Onsite
Senior Level
$122K/yr - $136K/yr
5+ years expCardWorks is a diversified consumer finance service provider, and they are seeking a Sr. IT Risk Analyst to support and enhance the organization's technology risk management and audit coordination. The role involves partnering with various stakeholders to ensure regulatory readiness and effective control operation, while managing technology risks and compliance efforts.
Financial Services
Responsibilities
Coordinate audit preparation activities—including scheduling, evidence collection, and stakeholder communication—for internal audits and regulatory examinations (e.g., FDIC, SOX, SOC, and other technology-focused reviews)
Serve as the primary liaison between Internal Audit, IT, and Compliance teams to ensure timely and accurate responses to audit inquiries
Oversee and track remediation activities; validate completion and effectiveness of corrective actions for technology-related audit findings
Participate in readiness assessments and pre-audit walkthroughs to identify issues before formal reviews begin
Conduct comprehensive Technology Risk Assessments, identifying inherent and residual risks across infrastructure, applications, security, and cloud environments
Evaluate the design and operating effectiveness of technology controls, including IT General Controls (ITGCs), logical access, change management, operations, and security controls
Perform independent control testing to verify compliance with policies, standards, and regulatory requirements
Advise IT leadership on control gaps, deficiencies, risks, and recommended remediation strategies
Provide risk insights for new initiatives, technology implementations, cloud migrations, and major IT projects
Support enhancements to the IT risk management framework, control library, and GRC tooling
Monitor emerging technology risks and collaborate with stakeholders to develop mitigating controls
Contribute to the development and maintenance of IT policies, standards, and procedures
Qualification
Required
Bachelor's degree in information technology, Cybersecurity, Risk Management, or related field (or equivalent experience)
5-10+ years of experience in IT risk, audit, information security, or technology governance
Strong knowledge of IT controls frameworks (e.g., COBIT, NIST, ISO 27001) and regulatory requirements (SOX, FFIEC, SOC, etc.)
Experience working with audit functions and responding to regulatory reviews
Ability to analyze control gaps and articulate risks clearly to technical and non-technical stakeholders
Preferred
Professional certifications such as CISA, CRISC, CISSP, CIA, or similar
Experience with GRC platforms (e.g., Archer, ServiceNow GRC, MetricStream)
Familiarity with cloud technologies (AWS, Azure, GCP) and related risk assessments
Prior first line Technology experience
Benefits
Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
Benefits Package -Medical, Dental, and Vision (plus much more)
401(k) Plan with Company Match
Short- & Long-Term Disability
Wellness Programs
Group Life and AD&D Insurance
Paid Vacation, Sick Days and bank Holidays
Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition
Company
CardWorks
Cardworks is a service provider provides comprehensive service and support to bankcard issuers.
1001-5000 employees
Funding
Current Stage
Late StageTotal Funding
unknownKey Investors
Parthenon Capital Partners
2022-02-15Private Equity
2017-08-01Private Equity
Leadership Team
Christian Wymbs
EVP & CFO
Recent News
2025-10-03
2025-10-01
2025-05-10
Company data provided by crunchbase